I recently upgraded the K2000 to version 3.6.98680.

When running a scripted install for Windows 7 x64, is there a way to bypass interactive logon messages?  We have one here we use as a legal disclaimer that pops up before you enter in your name and password.  The user has to press ok on it, then they get the username and password screen.  This message stops the scripted install.

I could remove the interactive message policy from a "New Install" OU so it wouldn't run on any machines in there, but this would require us to move machines to that new install OU every time we rebuild it, them move it back.

In 3.5 I ran a complicated script to rename and domain the machines, but I'm trying to get away from that as it looks like it is frowned upon in 3.6.  The script would do a reg add to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, then point to the next script which would do the same for the final one to run.  When I did it this way it skipped the legal message.

Is there a simple way to make the K2000 skip these messages during a post install?

0 Comments   [ + ] Show Comments


Please log in to comment



It's been a while since I've worked with interactive logon messages, but if you have AutoLogon enabled, I believe it does bypass that message.

To enable autologon, you can either create a task that sets the appropriate entries in the registry, or you can add something like this to the Setup Configuration (essentially the Unattend.xml):


Just make sure the LogonCount is high enough to cover for any tasks you have defined as needing a reboot.

EDIT: You can also set up the Autologon information when you first build the Scripted Install using the wizard.

Answered 02/27/2014 by: BHC-Austin
Fourth Degree Black Belt

Please log in to comment

I have two batch files to enable autologon and disable autologon because of that crap.


reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d tmccacad  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d installer  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d XXXXXXX /f

reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v legalnoticecaption /f

reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v legalnoticetext /f

shutdown -r -f -t 1


reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 0  /f

reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v legalnoticecaption /d "TMCC Academic Use Statement" /f

reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v legalnoticetext /d "TMCC Computer Use Policy - TMCC General Access Computer Labs are educational computer facilities open to all students, faculty and staff at TMCC. If not enrolled or employed at TMCC, then access is not allowed. Identification may be requested.  Lab Assistants may monitor computer use. Students needing a computer to do their homework will have preference over students that are game playing or participating in Internet chat. Students who are on the chat lines or playing games are welcome, but will be advised to come back when the labs are not busy.  Viewing or printing pornographic material that can be viewed by others is not allowed in any of the Labs or Kiosks. Cell-phone use in the labs is prohibited.  Emergency calls can be received, but the user must step outside of the Lab to continue the conversation.  Absolutely no food or beverages are allowed in the labs!  Maintain a friendly and quiet lab for other students to do their work.  Maintain a quiet work area: Loud boisterous behaviour is not acceptable; the Lab is not a place to socialize, as it's distracting to others. Children are not to be left unattended in the labs. Head count and surveys: In order to effectively use technology resources, head counts or surveys will be taken by the lab monitor. Please provide them with your cooperation. Closing time: The labs must close promptly at the scheduled time. Your cooperation in abiding with the closing time would be greatly appreciated. ACTIVITIES IN VIOLATION OF TMCC'S COMPUTER USE POLICY - Unauthorized use of a computer account. Using the campus network to gain unauthorized access to any computer systems. Connecting unauthorized equipment to the campus network. Using electronic mail to harass or threaten others. This includes, but is not limited to, sending repeated, unwanted Email to another user. Transmitting or reproducing materials that are slanderous or defamatory in nature or that otherwise violate existing laws, NSHE, or College regulations. Displaying obscene, lewd, or sexually harassing images or text in a public computer, facility, or location that can be in view of others. Initiating or propagating electronic chain letters inappropriate mass mailing. This includes, but is not limited to, multiple mailings to the TMCC Campus, newsgroups, mailing lists, or individuals forging the identity of a user or machine in an electronic communication. Attempting to monitor or tamper with another user's electronic communications, or reading, copying, changing, or deleting another user's files or software without the explicit agreement of the owner. Unauthorized attempts to circumvent data protection schemes or uncover security loopholes. This includes creating and/or running programs that are designed to identify security loopholes and/or decrypt intentionally secure data. Knowingly or carelessly performing an act that will interfere with the normal operation of computers, terminals, peripherals, or networks. This includes tampering with or removing computer hardware or software. Knowingly or carelessly running or installing on any computer system or network, or giving to another user a program intended to damage or to place excessive load on a computer system or network. This includes, but is not limited to, programs known as computer viruses, Trojan horses, and worms. Deliberately wasting/overloading computing resources, such as printing excessive copies of a document. Violating terms of applicable software licensing agreements or copyright laws. Violating the TMCC Copyright Infringement policy, copyright laws and their fair use provisions through inappropriate reproduction or dissemination of copyrighted text, images, etc. Using college resources for commercial activity such as creating products or services for sale." /f

shutdown -r -t 1

Answered 02/27/2014 by: SMal.tmcc
Red Belt

  • Interesting. I don't know if I want to muck around with the registry however. If you manually disable and enable it like this by deleting and readding it to the registry during the build, doesn't that disable your ability to change the wording via a group policy later?
    • gpo will over write it, this is where the GPO puts it. you just want to delete the keyset data and when you rejoin the domain the GPO will fix it when it updates, we do a gpupdate /force on our machines and reboot once to make it take.

      Just use these lines in a post install script and it will do what you want.

      reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f

      reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d tmccacad /f

      reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d installer /f

      reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d XXXXXXX /f

      reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v legalnoticecaption /f

      reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v legalnoticetext /f
      • also add the login count here if you want one.

        with the policy, when you sysprep the machine if the machine was in the domain those keys exist in the master.
      • I use these batch file via psexec to auto login/disable autologon for a classroom so I can do work and not have to log in.
    • here is my k2000 post install for the acad images:

      net start w32time

      %SystemRoot%\system32\w32tm /config /update /manualpeerlist:tmccacad.tmcc.edu /syncfromflags:manual

      start /wait net user administrator /active:yes
      start /wait net localgroup administrators f13master /add
      Start /wait net user administrator password!

      start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f

      start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoLogonCount /t REG_DWORD /d 4 /f

      start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d tmccacad /f

      start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d installer /f

      start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d password /f

      reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v legalnoticecaption /f

      reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v legalnoticetext /f

      start /wait reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Enviroment" /v LSFORCEHOST /d ms-vdf.tmccacad.tmcc.edu /f

      start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v Userinit /d "C:\Windows\system32\KUsrInit.exe," /f

      del C:\Users\Default\AppData\Local\Microsoft\Windows\webcache\*.* /f /q

      del C:\Users\Default\AppData\Local\Microsoft\Windows\*.log1 /f /q /a:hs

      del C:\Users\Default\AppData\Local\Microsoft\Windows\*.log2 /f /q /a:hs

      del C:\Users\Default\AppData\Local\Microsoft\Windows\*.blf /f /q /a:hs

      del C:\Users\Default\AppData\Local\Microsoft\Windows\*.regtrans-ms /f /q /a:hs

      del C:\Users\Default\AppData\Local\Microsoft\Windows\Explorer\*.* /f /q

      del c:\users\default\downloads\*.* /f /q /s

      "C:\Program Files\Microsoft Office\Office15\ospprearm.exe"

      cscript "c:\program files\microsoft office\office15\ospp.vbs" /act

      start /wait cscript %SystemRoot%\System32\slmgr.vbs -ATO

      start /wait msiexec /qn /i "\\\client\agent_provisioning\windows_platform\ampagent-5.5.30275-x86.msi" HOST=kbox.tmcc.edu

      start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v ipv6kill /d "reg.exe add \"HKLM\SYSTEM\CurrentControlSet\services\Tcpip6\Parameters\" /v DisabledComponents /t REG_DWORD /d 4294967295 /f"

      net user installer /delete

      start /wait cscript.exe c:\windows\w2d\join_domain.vbs tmccacad.tmcc.edu installer password

      Start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background" /v OEMBackground /t REG_DWORD /d 1 /f

      start /wait shutdown /r /t 20

      I have the localuser installer as my autologin in my sysprep ans file

      <settings pass="generalize">
      • Very cool, yes this would do the trick. Thanks for posting all of that.

        I just talked to the deskside guys and I think they just decided they want it to where it will always put every machine in the new installs OU now, which I set to not display the logon message.

        I think I'll use something like this: http://www.itninja.com/question/looking-for-k2000-join-domain-powershell-script

        I need to test and make sure that if the machine already exists in AD it will still be moved to the New Installs OU.
  • The last step of the script I ran in 3.5 ran this, and I never had this problem. I might give something like this a shot again:

    REM Join a Windows 7 x64 computer to the domain

    REM ***** Join_Domain.vbs <domain> <DomainUser> <password> <Default domain DNS Server IP> *****>

    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 0 /f
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultUserName /t REG_SZ /d <NULL> /f
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d <NULL> /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v V1 /t REG_SZ /d "CMD /C \"rd /s /q C:\source\""

    shutdown -r -t 150
Please log in to comment

I already have autologon enabled just as you have shown above, but it does not skip the message.  I have my build set to log on 4 times.  The autologons work, except for after the join the domain portion of my script runs.  Once it runs, I get our group policy that makes the machine display the popup message.  Once you hit ok on the popup message it goes in to the desktop without a password (because autologon provides the name and password).  


This is my entire scripted install setup configuration:

<?xml version="1.0" encoding="utf-8"?>

<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

  <settings pass="windowsPE">

    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">













    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">










  <settings pass="specialize">

    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">



      <TimeZone>Eastern Standard Time</TimeZone>












    <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">





    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">


        <RunSynchronousCommand wcm:action="add">

          <Path>reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 00000000 /f</Path>

          <Description>Setting Network Location</Description>







  <settings pass="oobeSystem">

    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">














          <LocalAccount wcm:action="add">















Answered 02/27/2014 by: edwimb
Third Degree Blue Belt

Please log in to comment

After some more digging, it looks like your best bet would be to use something like AutoIT to automate the clicking of the OK button and set it to run at startup.

Answered 02/27/2014 by: BHC-Austin
Fourth Degree Black Belt

  • That's seems like a like of work compared to my old script, which was able to get by it.

    I'll figure something out...
Please log in to comment
Answer this question or Comment on this question for clarity
Admin Script Editor
Admin Script Editor is an integrated scripting environment available free here at ITNinja