0

Recently, one of our employee has left his computer in the customer's office, which could possibly leak some information from that device(Thankfully, it didn't happened). Right now, all of our computer has enabled auto login, and it's almost a hundred. So, I've been wondering if it's possible to disable it by using Group Policy Editor. Our server is running Windows server 2016.

All of the computer's auto-login was enabled via regedit one by one, so if we could disable/delete it by using gpedit, it'd be better than disabling/deleting it one by one.

Thanks in advance.

Skye-AT
  • 103
  • 4

1 Answers1

1

Registry keys involved in auto logon in Windows are documented here:

https://docs.microsoft.com/en-us/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon

You can deploy a Group Policy Preference (in Computer Configuration) to delete these values: DefaultPassword and AutoAdminLogon.

Swisstone
  • 6,357
  • 7
  • 21
  • 32
  • Thanks! I'll give this a try at tomorrow. I've searched a little, and found out [this](https://theitbros.com/add-modify-and-delete-registry-keys-using-group-policy/) method to delete registry value. Is this the right path? – Skye-AT Sep 06 '21 at 18:18
  • @Skye-AT yes, absolutely. – Swisstone Sep 06 '21 at 18:21
  • I'm kinda stuck. I've tried to delete registry value/key but there seems to be none. It should be in `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon`, right? I actually do remember that I've set it up in that path, though I can't find it. Is there anything am I missing? – Skye-AT Sep 07 '21 at 06:24
  • @Skye-AT Are you checking directly with regedit on a client computer, or with the wizard in group policy editor ? Please check directly on a client computer, you should see, at least AutoAdminLogon. – Swisstone Sep 07 '21 at 10:35
  • Yes I can see it. Though, if I'm going to delete the values, isn't it necessary to be able to see it on the Group Policy Editor?(as in `Use the Registry Browser to select a parameter or key;`, quote from the website that I linked above) Or can it be deleted without being visible in group policy editor? – Skye-AT Sep 07 '21 at 16:55
  • 1
    @Skye-AT No, you are not required to select the value in the Editor, this is just a convenience. You can manually enter the full path, just select "New" -> "Registry Item" instead of "Registry Wizard, they are doing that too in the site you linked if you scroll down a bit. However, in their screenshot they wrote "hkey_local_machine" at the beggining of the "Key Path" and this is wrong, just select "hkey_local_machine" from the dropdown menu and then write the path starting with "software" directly – Swisstone Sep 07 '21 at 17:26
  • Ah, that's the key! Now it did work. Thanks for the help! – Skye-AT Sep 07 '21 at 18:13