Auto login a user at boot on Windows Server 2016?

windows windows-server-2016 windows-server-2012

Use Sysinternals Autologon. It stores the credentials in the registry more securely than other methods.

Autologon for Windows v3.10
https://technet.microsoft.com/en-us/sysinternals/autologon


I also struggled to get this to work on a (non-Domain connected) Windows Server 2016.

I noticed that there was CTRL-ALT-DELETE requirement on login so thought I would try to disable this...and suddenly auto-login began to work!

Full steps I used:

To set auto-login account

  • Start > Run > netplwiz (as explained in other answers)
  • Un-tick "Users must enter a user name and password to use this computer."
  • Provide login credentials to be used for auto-logon

Disabling CTRL+ALT+DEL logon requirement

  • Start
  • Type 'Local Security Policy' (no quotes) and click on item matching this name
  • Open 'Local Policies'
  • Open 'Security Options'
  • Locate Policy called 'Interactive logon: Do not require CTRL+ALT+DEL'
  • Double click on it
  • Set to 'Enabled'

After applying this change and rebooting the server it managed to successfully auto-login to the account I had provided.


While it really is an extremely bad idea it is still possible. However, the user must have a password AND the password is revealed to anyone that has access to HKLM. Most likely your desired user is even in the Domain Admins group.

As described in TechNet documentation AutoAdminLogon, you can add

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"
"DefaultUserName"="your-admin-account"
"DefaultDomainName"="yourdomain.local"
"DefaultPassword"="YourAdminPasswordRevealedToThePublicByAStupidAdmin"

If this is a test environment not connected to your network and you are using a local admin account please be welcome to do so. Otherwise: just don't do it.

ADDITION: This doesn't answer the original question, but I just wanted to add a notice that this is still a suitable way to create a non-authenticated "kiosk machine", if you also add

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ForceAutoLogon"="1"

for logging the user automatically in right after logout. If your user is on Domain Guests group the profile will be automatically deleted on every logoff and a fresh profile created based on default profile. You could also change the shell for example if you want to launch a web browser instead of the default explorer.exe. Then, closing browser window will cause deletion of all cache and browsing history.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

Related

Should a detached EBS volume keep charging monthly?
DL380 G5, RAID5, ext3, RAID Failed
What Ethernet twisted pair cable is best with a particular Ethernet switch
Most efficient RAID configuration with 6 disks?
First time opening an SSH server to internet, what to check
Is 192.168.122.1 a valid IP?
Where function query withcount not working Laravel
Spring Boot KeyCloak not invoking success handler
Why pass a delegate to a function instead of calling a function inside a function?
Is NodeJS crypto dependent on the user's system?
FtpWebRequest "The remote certificate is invalid according to the validation procedure"
Can macOS operate/output video at 144 Hz screen refresh rate?