Jump to content


Sumixam

Setting up Autologin at the end of SCCM OSD

Recommended Posts

I have a Task Sequence in SCCM that is deploying my test image just fine, so all the basics work. Now I am trying to add in the steps unique to our environment.

 

The first thing I need to do is to set the machine up to restart and auto log in when the TS completes. The restart works fine, but the auto login doesn't

 

I used the autologin example from this post ("How can I capture Windows 7") as a model but I cannot get it to work.

 

Right now I have the following 2 steps at the very end of my Task Sequence:

1. Run the autologin package (from the post) that imports the Registry keys

2. Restart the computer (I changed this to manually run Shutdown as I know the "Restart Computer" task in MDT sets the machine up to autologin as the local admin, better safe than sorry)

 

When it runs I get a quick flash of an error about interactive logins are not enabled (or something similar, it flashes quickly) and then the system reboots. When it comes up I get the Crtl-Alt-Del to login screen. When I do CAD my user account is set to log in but I have to provide the password. The password is correct in the REG file, so that isn't it.

 

Has anyone gotten this to work? Am I in so deep that I'm missing something obvious?

 

Thanks

Share this post


Link to post
Share on other sites


change the restart computer step back to the way it was, does it work then ?

the task sequence i posted didnt use mdt integration, are you using it ?

Share this post


Link to post
Share on other sites

No, it doesn't with either restart option.

Yes, I'm using MDT integration.

 

I've been reading that the GINA used by OSD blocks a lot of things and I'm wondering if this may be one of the things it just won't allow. In essence, I'm breaking the Task Sequence before it completes. Granted my steps are the very last things in the TS, but they still happen during the processing of the TS.

Share this post


Link to post
Share on other sites

 

Has anyone gotten this to work? Am I in so deep that I'm missing something obvious?

 

Thanks

 

I've been trying to get this to work too. I'm betting that if you login manually and check the registry, you'll find that none of your autologon values are there. I've been playing with this a lot as well. We have several laptops that are given out as loaners, are not on our domain, and are currently (through MDT LiteTouch) setup to autologon. I'm trying to replicate this with SCCM and am finding it quite difficult. What I've tried:

 

- Setup a Task Sequence that creates the registry keys via a VBScript

Problem: The keys are there after the script runs, but not after the OSD completes, even though the script is the last step in the OSD.

Assumption: SCCM removes those registry keys as part of it's cleanup.

 

- Setup a Task Sequence that creates a RunOnce key to import the registry keys

Problem: Someone has to remember to login once after the deployment runs to get autologon working.

 

I'm investigating other methods of doing this, but just feel like I'm getting in over my head, and there has to be someone who's tried this before. You and I can't be the only ones using SCCM that need the computer to autologon when SCCM is done. Anyone have any ideas?

Share this post


Link to post
Share on other sites

Why do you need it to auto-logon as part of the deployment process? Can you create a separate package, have that targeted to a collection, and then just plop the newly imaged machine into that collection?

 

Either that, or look at requiring people to log on? You could always have a message display when someone presses CTRL+ALT+DEL, or else just tweak the background image on the screen. Just a thought...

Share this post


Link to post
Share on other sites

Why do you need it to auto-logon as part of the deployment process? Can you create a separate package, have that targeted to a collection, and then just plop the newly imaged machine into that collection?

 

Either that, or look at requiring people to log on? You could always have a message display when someone presses CTRL+ALT+DEL, or else just tweak the background image on the screen. Just a thought...

 

That's a pretty good idea, one of those obvious ones that takes a set of eyes that hasn't been staring at the problem for days. I've modified the Windows logon screen to include the credentials that they need to use to logon. Not as elegant as an auto-logon, but definitely works, and works now.

 

Thanks!

Share this post


Link to post
Share on other sites

@lucid FYI, We use the autologon once the image and applications are deployed, there are some things we simply cannot do whilst deploying the image, we use a series of post install scripts to take care of these functions. Things like setting screen resolutions for widescreen laptops, forcing wireless networks to connect to a network, then various other things. It becomes very useful to be able to auto boot to desktop

 

@sabkor in your restart are you coming back into the boot os or boot pe mode?

Share this post


Link to post
Share on other sites

@sabkor in your restart are you coming back into the boot os or boot pe mode?

 

I'm booting back into the OS. I have my registry steps as the very last steps of the Task Sequence, so the OS is up and running, it's installed a few applications, etc. I did some debugging by adding lines to the Task Sequence to dump the registry at various points, and my auto-logon registry keys are there throughout the entire process (even after reboots). However, after the Task Sequence ends, they are no longer there. That's why I'm assuming that SCCM is cleaning them up somehow.

 

Someone (on another forum) posted that they believes this to be a problem with the OS that I'm deploying, Windows 7 x64, as they are having this exact issue with that OS too. (And yet, others seem to not have this issue, so perhaps they are not deploying a 64-bit OS?)

Share this post


Link to post
Share on other sites

yeah x64 is a bit nitpicky i find also... some of my scripts dont operate as expected always either...

 

i'll buildup a new 64bit TS today/tommorrow and test again.... can you export your TS (censor it) and send it over? give us something more to work with :-)

Share this post


Link to post
Share on other sites

yeah x64 is a bit nitpicky i find also... some of my scripts dont operate as expected always either...

 

i'll buildup a new 64bit TS today/tommorrow and test again.... can you export your TS (censor it) and send it over? give us something more to work with :-)

 

Sure, here are the two TSes that I've been trying with. One is just a regular TS x64.xml, the other a MDT TS x64-MDT.xml.

 

In the TSes, package FVW00043 is a VBS that creates the registry keys, package FVW0004A is a REG IMPORT line. I tried both ways just to see what works. Neither does.

 

As well, all of the reg export stuff near the end of the regular TS is just debugging, to try and see what happens with the keys.

Share this post


Link to post
Share on other sites

Just tossing out my two cents... If you're running post-install scripts after you logged in, you should be able to convert them to a script that can be run by the OSD process. We customize a ton of settings in the OS via VBScript (just make your script into a package and add it to the tail end of your OS TS), so you may want to think about tackling the issue from that direction...

Share this post


Link to post
Share on other sites

No, we're not running any post-install scripts. This is done for 'loaner' laptops that are not on our domain. They are loaned out to faculty and staff from our library and as such, it's easier for them to have an auto-logon than to have the user remember a username/password for a laptop that they'll only be using for a day or two.

Share this post


Link to post
Share on other sites

Why do you need it to auto-logon as part of the deployment process? Can you create a separate package, have that targeted to a collection, and then just plop the newly imaged machine into that collection?

 

Either that, or look at requiring people to log on? You could always have a message display when someone presses CTRL+ALT+DEL, or else just tweak the background image on the screen. Just a thought...

 

Well, SCCM is *really* starting to annoy me. So I tested the background image thing, thought that'd work great. Created my own background image with the username password that they will need. Then the following happened:

 

#1) Changed VBS script to create OEM registry key to tell Win7 to use my new background image and to copy the image to the correct location. Nothing worked. After investigation, it appears that even though I'm deploying a 64-bit OS, it's running a 32-bit version of CScript, as my file gets copied to the SysWOW64 folder, instead of system32. When deploying an application (which my script runs as an application deployment, to keep the VBS and JPG files together), I could not find a way to turn off 64-bit file redirection.

#2) Changed VBS script to create OEM registry key and just copy the JPG to the D:\ drive, so I could put it in the right spot with another TS (using a command-line, where I can disable 64-bit redirection). Created another TS step to copy the file to the correct directory. This did not work, OSD failed with a file not found error. After investigation, found that although OSD says it's running a command-line, it's not really, and you can't run some commands without prefacing it with the command-line interpreter.

#3) Left VBS script the same. Changed the command-line TS to run with 'cmd /c copy' and now it works. However, my login screen was still not modified. After investigation, my OEM registry key gets removed when the deployment completes. It's there after the command runs, but after the deployment completes successfully, it's not there, so my login screen modification never gets shown.

 

ARGH! Why does Microsoft have to make something so easy into something so complex. I have no idea what's going on here, and am still looking for ideas on how to proceed.

Share this post


Link to post
Share on other sites

What about using a logon message (this is only a snippet of VBScript code of course)?

 

strUsername = "JoeStudent"

strPassword = "MyLongPassphrase"

strCheckName = ""

 

Set objUserAccounts = GetObject("WinNT://" & objNetwork.ComputerName & "")

Set objUser = objUserAccounts.Create("user", strUsername)

objUser.Description = "account for off campus use"

objUser.SetPassword strPassword

objUser.SetInfo

objUserFlags = objUser.Get("UserFlags")

objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWD

objUser.Put "userFlags", objPasswordExpirationFlag

objUser.SetInfo

If Not objUser.UserFlags AND ADS_UF_PASSWD_CANT_CHANGE Then

'Setting the password to never expire

objPasswordNoChangeFlag = objUser.UserFlags XOR ADS_UF_PASSWD_CANT_CHANGE

objUser.Put "userFlags", objPasswordNoChangeFlag

objUser.SetInfo

End If

Set objGroup = GetObject("WinNT://" & objNetwork.ComputerName & "/Users,group")

If Not objGroup.IsMember(objUser.AdsPath) Then

objGroup.Add(objUser.AdsPath)

End If

 

Set colWin32_UserAccount = objWMI.ExecQuery ("Select * from Win32_UserAccount Where LocalAccount = True")

For Each objItem in colWin32_UserAccount

If UCase(objItem.Name) = UCase(strUserName) Then

strCheckName = "found"

End If

Next

If Not strCheckName = "found" Then

'Failed to create the local user account

Wscript.Quit(1)

End If

 

strTitle = "PLEASE READ:"

strCaption = "Please log on as """ & objNetwork.ComputerName & "\" & strUserName & """ with the password of """ & strPassword & """."

objWshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption", strTitle,"REG_SZ"

objWshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText", strCaption,"REG_SZ"

 

Wscript.Quit

Share this post


Link to post
Share on other sites

Oh, and as for the 32-bit/64-bit issue, maybe this VBScript code snippet might help:

 

If strSystemType = "x64" Then

Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, "SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background", "OEMBackground", "1"

Else

objWshShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background\OEMBackground","1","REG_DWORD"

End If

 

 

' ~$~----------------------------------------~$~

Sub Write64BitRegistry (strRegType, strRootKey, strKey, strValueName, strValue)

' Attempts to write the supplied registry keys in a 32-bit wscript.exe process by using WMI.

' http://msdn.microsoft.com/en-us/library/aa393664(VS.85).aspx

Dim objCtx, objLocator, objReg, intReturnCode

 

Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")

objCtx.Add "__ProviderArchitecture", 64

Set objLocator = CreateObject("Wbemscripting.SWbemLocator")

Set objReg = objLocator.ConnectServer("", "root\default", "", "", , , , objCtx).Get("StdRegProv")

 

If Ucase(strRegType) = "KEY" Then

intReturnCode = objReg.CreateKey(strRootKey,strKey)

End If

If Ucase(strRegType) = "REG_DWORD" Then

intReturnCode = objReg.SetDWORDValue(strRootKey,strKey,strValueName,strValue)

End If

If Ucase(strRegType) = "REG_SZ" Then

intReturnCode = objReg.SetStringValue(strRootKey,strKey,strValueName,strValue)

End If

If Ucase(strRegType) = "REG_EXPAND_SZ" Then

intReturnCode = objReg.SetExpandedStringValue(strRootKey,strKey,strValueName,strValue)

End If

If Not intReturnCode = 0 Then

'Failed to set the registry entry

End If

End Sub

 

And as for copying the actual file...

If strSystemType = "x64" Then

objWshShell.Run "C:\Windows\sysWOW64\xcopy.exe """ & strScriptFileDirectory & "\LogonScreenBackground"" ""C:\Windows\sysnative\oobe\Info\backgrounds"" /E /I /H /R /Y", 0, True

Else

If Not objFSO.FolderExists(WinDir & "\System32\oobe\Info") Then

objFSO.CreateFolder(WinDir & "\System32\oobe\Info")

End If

If Not objFSO.FolderExists(WinDir & "\System32\oobe\Info\backgrounds") Then

objFSO.CreateFolder(WinDir & "\System32\oobe\Info\backgrounds")

End If

If objFSO.FolderExists(WinDir & "\System32\oobe\Info\backgrounds") Then

objFSO.CopyFile (strScriptFileDirectory & "\LogonScreenBackground\backgroundDefault.jpg"), (WinDir & "\System32\oobe\Info\backgrounds\backgroundDefault.jpg"), True

End If

End If

Share this post


Link to post
Share on other sites

The registry writing via WMI calls worked! Anyone able to explain or point me to a MS document on why? I wasn't aware that 32-bit registry editing tools would not work on a 64-bit system. Is the registry virtualized and redirected much like the Program Files and system32 folders?

 

Now I'm going to go back and try my original VBS (setting up the auto-logon) with that new registry Sub as well.

Share this post


Link to post
Share on other sites

 

huh, thanks! Learn something new every day. It's funny too, I've posted this several places (even the official Microsoft forums) and noone even mentioned this.

 

There's still something wrong though, either with SCCM or Windows 7 x64. According to their document here http://msdn.microsoft.com/en-us/library/aa384253%28v=VS.85%29.aspx, only certain registry keys are redirected. Neither the HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background (where the logon background value resides) or the HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon keys are on that list as being redirected, so according to the document that means they should be shared. Not going to lose any sleep over it though, at least I have a workaround now.

Share this post


Link to post
Share on other sites

So for anyone else lurking on this thread, I've also gone back to my original setup of having the auto-logon. Using the code snippet that Lucid posted, I was able to get this working.

 

Thanks again Lucid!

 

Here's the code (VBS), for anyone interested:

 

PLEASE NOTE: This code has only been tested during the deployment of Windows 7 64-bit, and was copy/pasted from my main script, which does other things as well, YMMV.

 

Const HKEY_CLASSES_ROOT  = &h80000000
Const HKEY_CURRENT_USER  = &h80000001
Const HKEY_LOCAL_MACHINE = &h80000002
Const HKEY_USERS         = &h80000003
Const HKEY_CURRENT_CONFIG= &h80000005
Const HKEY_DYN_DATA      = &h80000006

sUsername = "My username"
sPassword = "My password"
sComputer = "My computer/domain name"
' You could also get the current computer name with the following:
' Set objNetwork = CreateObject("Wscript.Network")
' sComputer = objNetwork.ComputerName

strRegKey = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "AutoAdminLogon", "1"
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultUserName", sUsername
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultDomainName", strComputer
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultPassword", sPassword
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "ForceAutoLogon", 1
Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, strRegKey, "DisableCAD", 1


Sub Write64BitRegistry (strRegType, strRootKey, strKey, strValueName, strValue)
' Attempts to write the supplied registry keys in a 32-bit wscript.exe process by using WMI.
' http://msdn.microsof...664(VS.85).aspx
Dim objCtx, objLocator, objReg, intReturnCode

Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")
objCtx.Add "__ProviderArchitecture", 64
Set objLocator = CreateObject("Wbemscripting.SWbemLocator")
Set objReg = objLocator.ConnectServer("", "root\default", "", "", , , , objCtx).Get("StdRegProv")

If Ucase(strRegType) = "KEY" Then
intReturnCode = objReg.CreateKey(strRootKey,strKey)
End If
If Ucase(strRegType) = "REG_DWORD" Then
intReturnCode = objReg.SetDWORDValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_SZ" Then
intReturnCode = objReg.SetStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_EXPAND_SZ" Then
intReturnCode = objReg.SetExpandedStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Not intReturnCode = 0 Then
'Failed to set the registry entry
End If
End Sub

Share this post


Link to post
Share on other sites

Sabkor, excellent work! Just wondering how you have this setup exactly. Are you doing a manual restart at the end of the TS or using the TS restart? I'm finding that if I run this in a test TS by itself on a freshly deployed machine it works, but if I put it at the end of my actual deployment TS, it behaves the same way as before (changes the AutoAdminLogin to 0 and clears the DefaultPassword key/value). I'm deploying this on Windows Server 2008 R1 STD. Any insight you have would be appreciated. Thanks!

 

So for anyone else lurking on this thread, I've also gone back to my original setup of having the auto-logon. Using the code snippet that Lucid posted, I was able to get this working.

 

Thanks again Lucid!

 

Here's the code (VBS), for anyone interested:

 

PLEASE NOTE: This code has only been tested during the deployment of Windows 7 64-bit, and was copy/pasted from my main script, which does other things as well, YMMV.

 

Const HKEY_CLASSES_ROOT  = &h80000000
Const HKEY_CURRENT_USER  = &h80000001
Const HKEY_LOCAL_MACHINE = &h80000002
Const HKEY_USERS         = &h80000003
Const HKEY_CURRENT_CONFIG= &h80000005
Const HKEY_DYN_DATA      = &h80000006

sUsername = "My username"
sPassword = "My password"
sComputer = "My computer/domain name"
' You could also get the current computer name with the following:
' Set objNetwork = CreateObject("Wscript.Network")
' sComputer = objNetwork.ComputerName

strRegKey = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "AutoAdminLogon", "1"
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultUserName", sUsername
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultDomainName", strComputer
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultPassword", sPassword
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "ForceAutoLogon", 1
Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, strRegKey, "DisableCAD", 1


Sub Write64BitRegistry (strRegType, strRootKey, strKey, strValueName, strValue)
' Attempts to write the supplied registry keys in a 32-bit wscript.exe process by using WMI.
' http://msdn.microsof...664(VS.85).aspx
Dim objCtx, objLocator, objReg, intReturnCode

Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")
objCtx.Add "__ProviderArchitecture", 64
Set objLocator = CreateObject("Wbemscripting.SWbemLocator")
Set objReg = objLocator.ConnectServer("", "root\default", "", "", , , , objCtx).Get("StdRegProv")

If Ucase(strRegType) = "KEY" Then
intReturnCode = objReg.CreateKey(strRootKey,strKey)
End If
If Ucase(strRegType) = "REG_DWORD" Then
intReturnCode = objReg.SetDWORDValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_SZ" Then
intReturnCode = objReg.SetStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_EXPAND_SZ" Then
intReturnCode = objReg.SetExpandedStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Not intReturnCode = 0 Then
'Failed to set the registry entry
End If
End Sub

Share this post


Link to post
Share on other sites

Hi

 

got the same problem here, SCCM 2007 R2, MDT2010 integration, deploying Win7 x64.

setting the Reg Add to add the AutoAdminLogon to "1" , the PC dos not logon automaticly and if i check the registry, the key is set to "0"

and now for the funny part, if i test this in my " Test environment" , it works perfectly, bud in " production" the key is set to "0"

 

is there a explenation for this behavior, or even better....a sollution?, getting desperate here.... :-)

 

Thanks

Share this post


Link to post
Share on other sites

Hi I was able to get my TS to setup a win7 image that Auto logged in after it was finished.

 

In our enviroment we have some PCs that need to autologin for a certain group. All these PCs have the same username as the hostname so made it a bit easier for me but I can show you the scripts I placed in the TS to get it to work. All up it is 8 steps added to TS which doubles up the same thing but it works!

 

So here are my 8 scripts: (Red text is the parts you will need to modify for your unique set up)

 

Script 1 - %windir%\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f

 

Script 2 - %windir%\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultDomainName /t REG_SZ /d <YOUR DOMAIN> /f

 

Script 3 - %windir%\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultUserName /t REG_SZ /d %computername% /f

 

Script 4 - %windir%\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d <YOUR PASSWORD> /f

 

Script 5 - %windir%\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce" /v AUTOLOG1 /d "c:\windows\system32\reg.exe ADD """HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon""" /v AutoAdminLogon /t REG_SZ /d 1 /f" /f

 

Script 6 - %windir%\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce" /v AUTOLOG2 /d "c:\windows\system32\reg.exe ADD """HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon""" /v DefaultDomainName /t REG_SZ /d <YOUR DOMAIN> /f" /f

 

Script 7 - %windir%\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce" /v AUTOLOG3 /d "c:\windows\system32\reg.exe ADD """HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon""" /v DefaultUserName /t REG_SZ /d %computername% /f" /f

 

Script 8 - %windir%\system32\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce" /v AUTOLOG4 /d "c:\windows\system32\reg.exe ADD """HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon""" /v DefaultPassword /t REG_SZ /d <YOUR PASSWORD> /f" /f

 

So the first 4 lines add the autologin settings into the Registry and the last 4 set them up for the 1st login. Now becuase I have my TS doing alot of other things SCCM logs in the PC to do these tasks and that kicks off the runonce commands which then sets it up for the autologin.

 

So once my TS is all finished I am left with the Laptop/PC sitting on the Desktop logged in by the user for the 1st time.

 

Hope this helps anyone else with this. Added a screen shot of the autologin sequance to show that it is run over 8 steps.

 

Cheers,

post-21169-0-66254500-1378090416_thumb.jpg

Share this post


Link to post
Share on other sites

I GOT IT WORKING FINALLY!

Functions:

1. account logs in

2. shortcut under startup runs the vb script

3. gpudpate is ran

4. the script deletes the shortcut and itself

5. system reboots

6. computer is left at ctrl+alt+del

 

SCCM 2012:

At first I tried to use a runonce registry entry line to do the gpupdate and a reboot, however after sccm releases the os the runonce lines are not ran until a actual user logs in and off once. To fix this we used the startup folder to call a script which does the runonce actions.

 

 

In Task Sequence the Last step is set to run this application, for me I used a detection method of the domain name reg key.

SCCM Package

1. create .bat or .vbs to do the following (not provided) to do the following

1. runs the autologin.vbs

2. copies or creates a updateandreboot.lnk to the C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ which points to the updateandreboot.vbs

3. copies the updateandreboot.vbs to c:\windows\temp\

 

autologin.vbs

Const HKEY_CLASSES_ROOT  = &h80000000
Const HKEY_CURRENT_USER  = &h80000001
Const HKEY_LOCAL_MACHINE = &h80000002
Const HKEY_USERS         = &h80000003
Const HKEY_CURRENT_CONFIG= &h80000005
Const HKEY_DYN_DATA      = &h80000006

sUsername = "domainaccount"
sPassword = "yourdomainpassword"
sDomain = "yourdomain"

strRegKey = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "AutoAdminLogon", "1"
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultUserName", sUsername
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultDomainName", strComputer
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultPassword", sPassword
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "DefaultDomainName", sDomain
Write64BitRegistry "REG_SZ", HKEY_LOCAL_MACHINE, strRegKey, "ForceAutoLogon", 1
Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, strRegKey, "AutoLogonCount", 1
Write64BitRegistry "REG_DWORD", HKEY_LOCAL_MACHINE, strRegKey, "DisableCAD", 1

Sub Write64BitRegistry (strRegType, strRootKey, strKey, strValueName, strValue)
Dim objCtx, objLocator, objReg, intReturnCode

Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")
objCtx.Add "__ProviderArchitecture", 64
Set objLocator = CreateObject("Wbemscripting.SWbemLocator")
Set objReg = objLocator.ConnectServer("", "root\default", "", "", , , , objCtx).Get("StdRegProv")

If Ucase(strRegType) = "KEY" Then
intReturnCode = objReg.CreateKey(strRootKey,strKey)
End If
If Ucase(strRegType) = "REG_DWORD" Then
intReturnCode = objReg.SetDWORDValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_SZ" Then
intReturnCode = objReg.SetStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Ucase(strRegType) = "REG_EXPAND_SZ" Then
intReturnCode = objReg.SetExpandedStringValue(strRootKey,strKey,strValueName,strValue)
End If
If Not intReturnCode = 0 Then
'Failed to set the registry entry
End If
End Sub









 

Create a Shortcut that calls the vbs called UpdateandReboot.lnk

 

 

UpdateandReboot.vbs

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = WScript.CreateObject("WScript.Shell")

'deletes the shortcut
objShell.Run "cmd /c del /q "&chr(34)&"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UpdateandReboot.lnk"&chr(34), 0, True

'wscript.echo "cmd /c del /q "&chr(34)&"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UpdateandReboot.lnk"&chr(34)

'runs gpupdate and reboots
objShell.Run "cmd /k gpupdate"&chr(38)&chr(38)&"shutdown -r -f -t 10", 0, True

'deletes itself
strScript = Wscript.ScriptFullName
objFSO.DeleteFile(strScript)

Share this post


Link to post
Share on other sites

I've been trying to get this work.

I also wanted the last script to clear last logged in user.

Never got it working with the above steps.

Ended up creating a scheduled task to run the final script..

That worked :-)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...