Jump to content


  • 0
Sumixam

Setting up Autologin at the end of SCCM OSD

Question

I have a Task Sequence in SCCM that is deploying my test image just fine, so all the basics work. Now I am trying to add in the steps unique to our environment.

 

The first thing I need to do is to set the machine up to restart and auto log in when the TS completes. The restart works fine, but the auto login doesn't

 

I used the autologin example from this post ("How can I capture Windows 7") as a model but I cannot get it to work.

 

Right now I have the following 2 steps at the very end of my Task Sequence:

1. Run the autologin package (from the post) that imports the Registry keys

2. Restart the computer (I changed this to manually run Shutdown as I know the "Restart Computer" task in MDT sets the machine up to autologin as the local admin, better safe than sorry)

 

When it runs I get a quick flash of an error about interactive logins are not enabled (or something similar, it flashes quickly) and then the system reboots. When it comes up I get the Crtl-Alt-Del to login screen. When I do CAD my user account is set to log in but I have to provide the password. The password is correct in the REG file, so that isn't it.

 

Has anyone gotten this to work? Am I in so deep that I'm missing something obvious?

 

Thanks

Share this post


Link to post
Share on other sites

Recommended Posts

  • 0

No, we're not running any post-install scripts. This is done for 'loaner' laptops that are not on our domain. They are loaned out to faculty and staff from our library and as such, it's easier for them to have an auto-logon than to have the user remember a username/password for a laptop that they'll only be using for a day or two.

Share this post


Link to post
Share on other sites

  • 0

Why do you need it to auto-logon as part of the deployment process? Can you create a separate package, have that targeted to a collection, and then just plop the newly imaged machine into that collection?

 

Either that, or look at requiring people to log on? You could always have a message display when someone presses CTRL+ALT+DEL, or else just tweak the background image on the screen. Just a thought...

 

Well, SCCM is *really* starting to annoy me. So I tested the background image thing, thought that'd work great. Created my own background image with the username password that they will need. Then the following happened:

 

#1) Changed VBS script to create OEM registry key to tell Win7 to use my new background image and to copy the image to the correct location. Nothing worked. After investigation, it appears that even though I'm deploying a 64-bit OS, it's running a 32-bit version of CScript, as my file gets copied to the SysWOW64 folder, instead of system32. When deploying an application (which my script runs as an application deployment, to keep the VBS and JPG files together), I could not find a way to turn off 64-bit file redirection.

#2) Changed VBS script to create OEM registry key and just copy the JPG to the D:\ drive, so I could put it in the right spot with another TS (using a command-line, where I can disable 64-bit redirection). Created another TS step to copy the file to the correct directory. This did not work, OSD failed with a file not found error. After investigation, found that although OSD says it's running a command-line, it's not really, and you can't run some commands without prefacing it with the command-line interpreter.

#3) Left VBS script the same. Changed the command-line TS to run with 'cmd /c copy' and now it works. However, my login screen was still not modified. After investigation, my OEM registry key gets removed when the deployment completes. It's there after the command runs, but after the deployment completes successfully, it's not there, so my login screen modification never gets shown.

 

ARGH! Why does Microsoft have to make something so easy into something so complex. I have no idea what's going on here, and am still looking for ideas on how to proceed.

Share this post


Link to post
Share on other sites

  • 0

What about using a logon message (this is only a snippet of VBScript code of course)?

 

strUsername = "JoeStudent"

strPassword = "MyLongPassphrase"

strCheckName = ""

 

Set objUserAccounts = GetObject("WinNT://" & objNetwork.ComputerName & "")

Set objUser = objUserAccounts.Create("user", strUsername)

objUser.Description = "account for off campus use"

objUser.SetPassword strPassword

objUser.SetInfo

objUserFlags = objUser.Get("UserFlags")

objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWD

objUser.Put "userFlags", objPasswordExpirationFlag

objUser.SetInfo

If Not objUser.UserFlags AND ADS_UF_PASSWD_CANT_CHANGE Then

'Setting the password to never expire

objPasswordNoChangeFlag = objUser.UserFlags XOR ADS_UF_PASSWD_CANT_CHANGE

objUser.Put "userFlags", objPasswordNoChangeFlag

objUser.SetInfo

End If

Set objGroup = GetObject("WinNT://" & objNetwork.ComputerName & "/Users,group")

If Not objGroup.IsMember(objUser.AdsPath) Then

objGroup.Add(objUser.AdsPath)

End If

 

Set colWin32_UserAccount = objWMI.ExecQuery ("Select * from Win32_UserAccount Where LocalAccount = True")

For Each objItem in colWin32_UserAccount

If UCase(objItem.Name) = UCase(strUserName) Then

strCheckName = "found"

End If

Next

If Not strCheckName = "found" Then

'Failed to create the local user account

Wscript.Quit(1)

End If

 

strTitle = "PLEASE READ:"

strCaption = "Please log on as """ & objNetwork.ComputerName & "\" & strUserName & """ with the password of """ & strPassword & """."

objWshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption", strTitle,"REG_SZ"

objWshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText", strCaption,"REG_SZ"

 

Wscript.Quit

Share this post


Link to post
Share on other sites

  • 0

Oh, and as for the 32-bit/64-bit issue, maybe this VBScript code snippet might help:

 

If strSystemType = "x64" Then

Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, "SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background", "OEMBackground", "1"

Else

objWshShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background\OEMBackground","1","REG_DWORD"

End If

 

 

' ~$~----------------------------------------~$~

Sub Write64BitRegistry (strRegType, strRootKey, strKey, strValueName, strValue)

' Attempts to write the supplied registry keys in a 32-bit wscript.exe process by using WMI.

' http://msdn.microsoft.com/en-us/library/aa393664(VS.85).aspx

Dim objCtx, objLocator, objReg, intReturnCode

 

Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")

objCtx.Add "__ProviderArchitecture", 64

Set objLocator = CreateObject("Wbemscripting.SWbemLocator")

Set objReg = objLocator.ConnectServer("", "root\default", "", "", , , , objCtx).Get("StdRegProv")

 

If Ucase(strRegType) = "KEY" Then

intReturnCode = objReg.CreateKey(strRootKey,strKey)

End If

If Ucase(strRegType) = "REG_DWORD" Then

intReturnCode = objReg.SetDWORDValue(strRootKey,strKey,strValueName,strValue)

End If

If Ucase(strRegType) = "REG_SZ" Then

intReturnCode = objReg.SetStringValue(strRootKey,strKey,strValueName,strValue)

End If

If Ucase(strRegType) = "REG_EXPAND_SZ" Then

intReturnCode = objReg.SetExpandedStringValue(strRootKey,strKey,strValueName,strValue)

End If

If Not intReturnCode = 0 Then

'Failed to set the registry entry

End If

End Sub

 

And as for copying the actual file...

If strSystemType = "x64" Then

objWshShell.Run "C:\Windows\sysWOW64\xcopy.exe """ & strScriptFileDirectory & "\LogonScreenBackground"" ""C:\Windows\sysnative\oobe\Info\backgrounds"" /E /I /H /R /Y", 0, True

Else

If Not objFSO.FolderExists(WinDir & "\System32\oobe\Info") Then

objFSO.CreateFolder(WinDir & "\System32\oobe\Info")

End If

If Not objFSO.FolderExists(WinDir & "\System32\oobe\Info\backgrounds") Then

objFSO.CreateFolder(WinDir & "\System32\oobe\Info\backgrounds")

End If

If objFSO.FolderExists(WinDir & "\System32\oobe\Info\backgrounds") Then

objFSO.CopyFile (strScriptFileDirectory & "\LogonScreenBackground\backgroundDefault.jpg"), (WinDir & "\System32\oobe\Info\backgrounds\backgroundDefault.jpg"), True

End If

End If

Share this post


Link to post
Share on other sites

  • 0

The registry writing via WMI calls worked! Anyone able to explain or point me to a MS document on why? I wasn't aware that 32-bit registry editing tools would not work on a 64-bit system. Is the registry virtualized and redirected much like the Program Files and system32 folders?

 

Now I'm going to go back and try my original VBS (setting up the auto-logon) with that new registry Sub as well.

Share this post


Link to post
Share on other sites

  • 0

 

huh, thanks! Learn something new every day. It's funny too, I've posted this several places (even the official Microsoft forums) and noone even mentioned this.

 

There's still something wrong though, either with SCCM or Windows 7 x64. According to their document here http://msdn.microsoft.com/en-us/library/aa384253%28v=VS.85%29.aspx, only certain registry keys are redirected. Neither the HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background (where the logon background value resides) or the HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon keys are on that list as being redirected, so according to the document that means they should be shared. Not going to lose any sleep over it though, at least I have a workaround now.

Share this post


Link to post
Share on other sites

  • 0

So for anyone else lurking on this thread, I've also gone back to my original setup of having the auto-logon. Using the code snippet that Lucid posted, I was able to get this working.

 

Thanks again Lucid!

 

Here's the code (VBS), for anyone interested:

 

PLEASE NOTE: This code has only been tested during the deployment of Windows 7 64-bit, and was copy/pasted from my main script, which does other things as well, YMMV.

 

Const HKEY_CLASSES_ROOT  = &h80000000
Const HKEY_CURRENT_USER  = &h80000001
Const HKEY_LOCAL_MACHINE = &h80000002
Const HKEY_USERS         = &h80000003
Const HKEY_CURRENT_CONFIG= &h80000005
Const HKEY_DYN_DATA      = &h80000006

sUsername = "My username"
sPassword = "My password"
sComputer = "My computer/domain name"
' You could also get the current computer name with the following:
' Set objNetwork = CreateObject("Wscript.Network")
' sComputer = objNetwork.ComputerName

strRegKey = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "AutoAdminLogon", "1"
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultUserName", sUsername
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultDomainName", strComputer
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultPassword", sPassword
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "ForceAutoLogon", 1
Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, strRegKey, "DisableCAD", 1


Sub Write64BitRegistry (strRegType, strRootKey, strKey, strValueName, strValue)
' Attempts to write the supplied registry keys in a 32-bit wscript.exe process by using WMI.
' http://msdn.microsof...664(VS.85).aspx
Dim objCtx, objLocator, objReg, intReturnCode

Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")
objCtx.Add "__ProviderArchitecture", 64
Set objLocator = CreateObject("Wbemscripting.SWbemLocator")
Set objReg = objLocator.ConnectServer("", "root\default", "", "", , , , objCtx).Get("StdRegProv")

If Ucase(strRegType) = "KEY" Then
intReturnCode = objReg.CreateKey(strRootKey,strKey)
End If
If Ucase(strRegType) = "REG_DWORD" Then
intReturnCode = objReg.SetDWORDValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_SZ" Then
intReturnCode = objReg.SetStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_EXPAND_SZ" Then
intReturnCode = objReg.SetExpandedStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Not intReturnCode = 0 Then
'Failed to set the registry entry
End If
End Sub

Share this post


Link to post
Share on other sites

  • 0

Sabkor, excellent work! Just wondering how you have this setup exactly. Are you doing a manual restart at the end of the TS or using the TS restart? I'm finding that if I run this in a test TS by itself on a freshly deployed machine it works, but if I put it at the end of my actual deployment TS, it behaves the same way as before (changes the AutoAdminLogin to 0 and clears the DefaultPassword key/value). I'm deploying this on Windows Server 2008 R1 STD. Any insight you have would be appreciated. Thanks!

 

So for anyone else lurking on this thread, I've also gone back to my original setup of having the auto-logon. Using the code snippet that Lucid posted, I was able to get this working.

 

Thanks again Lucid!

 

Here's the code (VBS), for anyone interested:

 

PLEASE NOTE: This code has only been tested during the deployment of Windows 7 64-bit, and was copy/pasted from my main script, which does other things as well, YMMV.

 

Const HKEY_CLASSES_ROOT  = &h80000000
Const HKEY_CURRENT_USER  = &h80000001
Const HKEY_LOCAL_MACHINE = &h80000002
Const HKEY_USERS         = &h80000003
Const HKEY_CURRENT_CONFIG= &h80000005
Const HKEY_DYN_DATA      = &h80000006

sUsername = "My username"
sPassword = "My password"
sComputer = "My computer/domain name"
' You could also get the current computer name with the following:
' Set objNetwork = CreateObject("Wscript.Network")
' sComputer = objNetwork.ComputerName

strRegKey = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "AutoAdminLogon", "1"
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultUserName", sUsername
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultDomainName", strComputer
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultPassword", sPassword
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "ForceAutoLogon", 1
Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, strRegKey, "DisableCAD", 1


Sub Write64BitRegistry (strRegType, strRootKey, strKey, strValueName, strValue)
' Attempts to write the supplied registry keys in a 32-bit wscript.exe process by using WMI.
' http://msdn.microsof...664(VS.85).aspx
Dim objCtx, objLocator, objReg, intReturnCode

Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")
objCtx.Add "__ProviderArchitecture", 64
Set objLocator = CreateObject("Wbemscripting.SWbemLocator")
Set objReg = objLocator.ConnectServer("", "root\default", "", "", , , , objCtx).Get("StdRegProv")

If Ucase(strRegType) = "KEY" Then
intReturnCode = objReg.CreateKey(strRootKey,strKey)
End If
If Ucase(strRegType) = "REG_DWORD" Then
intReturnCode = objReg.SetDWORDValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_SZ" Then
intReturnCode = objReg.SetStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_EXPAND_SZ" Then
intReturnCode = objReg.SetExpandedStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Not intReturnCode = 0 Then
'Failed to set the registry entry
End If
End Sub

Share this post


Link to post
Share on other sites

  • 0

Hi

 

got the same problem here, SCCM 2007 R2, MDT2010 integration, deploying Win7 x64.

setting the Reg Add to add the AutoAdminLogon to "1" , the PC dos not logon automaticly and if i check the registry, the key is set to "0"

and now for the funny part, if i test this in my " Test environment" , it works perfectly, bud in " production" the key is set to "0"

 

is there a explenation for this behavior, or even better....a sollution?, getting desperate here.... :-)

 

Thanks

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.