Scripting : Windows 7 x64 Auto-Login on Workgroup Account

Windows 7 x64 Auto-Login on Workgroup Account

I have successfully imaged a PC using the scripted installation on the K2000. My question is, how would I go about enabling the local admin account in Windows 7, delete the account that was created to do the install, and create a local limited account?

0 Comments [ + ] Show comments

Answers (2)

Answer Summary:

Posted by: SMal.tmcc 11 years ago

put these commands in your post tasks.

start /wait net user administrator /active:yes
start /wait net user administrator Pa$$word

start /wait net user 2ndUserName /delete

start /wait net user NewUser Password /add /fullname:"first last"

start /wait net user NewUser /active:yes

start /wait net localgroup groupname newuser /add

http://support.microsoft.com/kb/251394

http://technet.microsoft.com/en-us/library/cc725622(v=ws.10).aspx

Comments:

Perfect. Also, what is the commands to make NewUser set to "User cannot change password" and Password never expires" options? - akilpatrick 11 years ago
/passwordchg:{yes | no}
Specifies whether users can change their own password. The default is yes.
/expires:{date | never}
Causes the account to expire if date is set. The never option sets no time limit on the account. An expiration date is in the form mm/dd/yy or dd/mm/yy, depending on the country code. Months can be a number, spelled out, or abbreviated with three letters. Year can be two or four numbers. Use slashes (/) with no spaces to separate parts of the date.

start /wait net user NewUser Password /add /fullname:"first last" /expires:never /passwordchg:no - SMal.tmcc 11 years ago
The option for "User cannot change password" works. The other " Password never expires" option is not checked. I have exactly what you posted here.

start /wait net user NewUser Password /add /fullname:"first last" /expires:never /passwordchg:no - akilpatrick 11 years ago
oops by bad, that /expires is for the account not the password you can create a second user with these 2 lines. by default the user will be a member of "users"

start /wait net user NewUser Password /add /fullname:"first last" /expires:never /passwordchg:no /active
start /wait wmic useraccount where Name='NewUser' set PasswordExpires=False - SMal.tmcc 11 years ago
That worked perfectly... One more thing... I would like on another setup, to do all the following we have done so far, but the new user we created, how would I go about making it to auto login on Windows 7 x64-bit? - akilpatrick 11 years ago
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoLogonCount /t REG_DWORD /d 2 /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d 2ndUserName /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d Pa$$w0rd /f

the auto login count is how many times it will autologin with these crdentials. If you want it to do it forever leave that line out. When the count reaches zero it deletes the defaultpassword keyset.
if you want it to autologin to a domain account you need to add
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d domain /f - SMal.tmcc 11 years ago
This works great when I manually run it... Would I need to add it as a shell script or bat script in the k2000? - akilpatrick 11 years ago
Sorry not shell script as it is for Mac OSX... When I run it in the scripted install it does not work. So I'm wondering if it needs to login the new account first, then autologin forever?

Right now, it comes up to select administrator or the account I created. I select it then it logs in. - akilpatrick 11 years ago
I have a post bat script for windows with these commands, you can also put the command in your answer file to autologin for scripted installs.
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<OOBE>
<HideEULAPage>true</HideEULAPage>
<NetworkLocation>Work</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
</OOBE>
<UserAccounts>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<PlainText>false</PlainText>
<Value>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxZAA=</Value>
</Password>
<DisplayName>F12Master</DisplayName>
<Name>F12Master</Name>
</LocalAccount>
</LocalAccounts>
<AdministratorPassword>
<PlainText>false</PlainText>
<Value>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxHcAbwByAGQA</Value>
</AdministratorPassword>
</UserAccounts>
<RegisteredOrganization>tmcc</RegisteredOrganization>
<RegisteredOwner>staff</RegisteredOwner>
<AutoLogon>
<Password>
<Value>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxZAA=</Value>
<PlainText>false</PlainText>
</Password>
<Enabled>true</Enabled>
<Username>F12Master</Username>
</AutoLogon>
</component>

here is my post image task for one of my acad images

net start w32time

%SystemRoot%\system32\w32tm /config /update /manualpeerlist:tmccacad.tmcc.edu /syncfromflags:manual

start /wait net user administrator /active:yes
start /wait net localgroup administrators f12master /add
Start /wait net user administrator password

start /wait cscript.exe -b c:\windows\w2d\join_domain.vbs tmccacad.tmcc.edu installer password

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoLogonCount /t REG_DWORD /d 2 /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d tmccacad /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d installer /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d password /f

start /wait reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Enviroment" /v LSFORCEHOST /d ms-vdf.tmccacad.tmcc.edu /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v Userinit /d "C:\Windows\system32\KUsrInit.exe," /f

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.log1 /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.log2 /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.blf /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.regtrans-ms /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\Explorer\*.* /f /q

del c:\users\default\downloads\*.* /f /q /s

"C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\ospprearm.exe"

start /wait cscript %SystemRoot%\System32\slmgr.vbs -ATO

start /wait cscript "c:\program files\microsoft office\office14\ospp.vbs" /act

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v ipv6kill /d "reg.exe add \"HKLM\SYSTEM\CurrentControlSet\services\Tcpip6\Parameters\" /v DisabledComponents /t REG_DWORD /d 4294967295 /f"

cmd /c md "%allusersprofile%\Dell\KACE" & cmd /c move /y "%systemdrive%\KACE\k2000_deployment_info.conf" "%allusersprofile%\Dell\KACE\k2000_deployment_info.conf"

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v kclean /d "c:\kcleanup.exe" - SMal.tmcc 11 years ago
We are not using Sysprep, therefore no answer file. - akilpatrick 11 years ago
got thinking about your problem and realized what is wrong, windows 7 knows administrator is local but not the 2nduser so try this line with the .\ in front of the user name
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d .\2ndUserName /f - SMal.tmcc 11 years ago
Seems like we're on the right track... However, it still isn't working correctly...

I checked and made sure the registry keys were added and the only ones that appear to be added was:

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d .\SSCC /f

The other two doesn't appear to be set.

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d password /f

The one to set the AutoAdminLogon was set to 0 and I didn't even see the one at all for default password. - akilpatrick 10 years ago
edit this and remove your password, will run another test on my machine, is yours in the domain or workgroup? - SMal.tmcc 11 years ago
I read online somewhere about doing the password in "" empty double quotes. Should I do that or remove the password all together?

Also, what about the command:

start /wait net user SSCC password /add /fullname:"SSCC" /expires:never /passwordchg:no /active

Should I remove the password there too?

These are on a workgroup. I really appreciate all your help. You've helped me out a lot! - akilpatrick 10 years ago
- sorry just meant from the post, did not know if you cared if your pw was displayed - SMal.tmcc 11 years ago
nah, its fine... just for a workgroup environment anyways. - akilpatrick 11 years ago

Posted by: SMal.tmcc 11 years ago

ok did more testing and 64 bit requires more options

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d sscc /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d sscc /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v ForceAutoLogon /d 1 /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DisableCAD /t REG_DWORD /d 1 /f

Comments:

Well, the script works great when I manually run it... I have setup a BAT script in the k2000 as a post install to run the following:

start /wait net user SSCC sscc /add /fullname:"SSCC" /expires:never /passwordchg:no /active
start /wait wmic useraccount where Name='SSCC' set PasswordExpires=False
start /wait net user SSCC /active:yes
start /wait net localgroup groupname SSCC /add
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d SSCC /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d sscc /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v ForceAutoLogon /d 1 /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DisableCAD /t REG_DWORD /d 1 /f - akilpatrick 11 years ago
maybe it is not running, what other post tasks do you have? also look on the scripted machine and does a directory c:\kace still exist? - SMal.tmcc 11 years ago
C:\KACE folder still exists...

I have several applications installing as post install tasks in the following order:

Mozilla Firefox
Java 7 update 9
Adobe Flash
Adobe Flash Plugin
Adobe Reader
Office 2010 x64
KBOX Agent
(THEN THE SETUPCOMPLETE.BAT file runs
Restart - akilpatrick 11 years ago
are all the apps getting installed? is the c:\kace directory still there? - SMal.tmcc 11 years ago
Yes, all the apps are installed. Yes, the directory still exists. - akilpatrick 11 years ago
If the c:\kace still exists means the post install did not finish due to the chain breaking, either by restart or just not returniing from a sub batch file to the main file.

I suspect office is restarting breaking the chain. Is the agent installed?

If you look at the c:\kace directory you will see the batch file kace creates to run all the post tasks from the applications subdirectory.

Try moving the steps around in your post installs and put whatever is doing the restart last. - SMal.tmcc 11 years ago
I have tried moving the tasks around and the autologin still doesn't work. I don't know... if I manually run it, it works fine. This is confusing. Happy Thanksgiving! I'll be returning to work this coming Monday. - akilpatrick 11 years ago
Alright, so I pulled off all the tasks and left just the post install task that is running the autologin script... Looks like I have found part of the problem. The account we created when we setup the scripted deployment was named 'kaceadmin'. It autologins fine, but by then the script has already ran to delete and create the other users. I'm going to work with it some more and see what I can do, but wanted to give you an update for now... - akilpatrick 11 years ago
I have found a fix... Here's what I did!

I setup two bat scripts to run back to back. The first one I named delete setup account and here is what I wrote.

start /wait reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f
start /wait reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d SSCC /f
start /wait reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d sscc /f
start /wait reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v ForceAutoLogon /d 1 /f
start /wait reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DisableCAD /t REG_DWORD /d 1 /f
start /wait net user kaceadmin /delete

The second has:

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1 /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d SSCC /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d sscc /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v ForceAutoLogon /d 1 /f
start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DisableCAD /t REG_DWORD /d 1 /f

One with the "delete" command and the second with the "add" command and now it is working perfectly! Thank you for all your help!!!! I greatly appreciate it! - akilpatrick 11 years ago
- This has been working fine up until the 3.6 update on the K2000. I haven't changed anything. Any suggestions? - akilpatrick 10 years ago
been on vacation, glad you worked the order out. I do same thing with my answer file and post scripts, have a self destructing user. - SMal.tmcc 11 years ago
So, I am now working on a Windows 7 32-Bit machine deployment... The above mentioned works well for Windows 7 x64, but not for x86.

Could you assist me in auto login for 32-bit? I greatly appreciate all your help! - akilpatrick 11 years ago

Answer this question

Posted by:

View more:

Scripting Questions

question