Why do I need to set up Autologon values in registry twice in before it works and can I fix this?
Background: As part an automated testing suite I am building, I need to set up Autologon on my virtual machines 'on demand'. By on demand, I mean that I don't want to necessarily pre-configure my VM or any snapshot to have Autologon set up already, for security reasons and also a huge business case.
My solution so far: I'm copying a script to the guest machine and then using Sysinternals PsExec to execute it. The script is:
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultUserName /t REG_SZ /d myusername
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultPassword /t REG_SZ /d myfakepassword
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultDomainName /t REG_SZ /d mydomain
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v ForceAutoLogon /t REG_SZ /d 1
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v AutoAdminLogon /t REG_SZ /d 1
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoLogonChecked" /f /ve /d 1
Note: I don't believe AutoLogonChecked is required for machines post Windows 2000 but I'm doing it just in case for now. Maybe ForceAutoLogon isn't either, not sure yet.
The Problem: I see PsExec executes this properly and all the values are in the registry, however when I restart the machine, the user isn't automatically logged on...When I run this a second time then restart the machine, the user is finally logged on.
A diff between the registry states shows that the first time I run this, it is missing both the "1" for AutoAdminLogon, and also the DefaultPassword key. The second time I execute it, these values are correctly intact as I intended.
So, what is going on here? Is this expected? This post claims in the end that it really all just works (the problem was that a logoff script was setting off the values). Doesn't seem to work for me however.
Note this seems unique to Windows 7, does not occur in Windows XP
Also note that you don't need PsExec to recreate the issue - just modify the registry yourself
EDIT/update:
- Login interactively and run script (so, not executing it remotely), logging off automatically logs me back in (so, it works)
- remotely execute the script in guest when I'm interactively logged in, logging off automatically logs me back in (so, it works)
- remotely execute the script in guest when with non-interactive session if I log in afterwards (so, interactive now) then back off, it logs me back in (so, it then works)
EDIT/update 2: This only occurs for Win7x86, Win7x64, Win8x64. This does not occur for Windows XP
EDIT 3: I get same behavior using Sysinsternal's Autlogon.exe tool.
Solution 1:
Storing login/password in registry in plain text isn't good idea... I want to recommend you look at LogonExpert tool