Windows Reg Entry: Automatic login requires two reboots before working, how to fix?

0

Here at work we have a policy for "general public" use and office machines. The general public use require specific profile settings and for ease of use, we have them logging in automatically utilizing a registry entry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="Shared"
"AutoAdminLogon"="1"
"DefaultDomainName"="Domain"
"DefaultPassword"="Password"
"ForceAutoLogon"="1"

This requires a reboot, then an additional reboot before the change actually takes place when deploying this reg entry on a new machine. It creates additional work and is a slight annoyance.

How can this be fixed? Presumably this happens because the account hasn't been created yet? I am trying to wrap my head around this and come up with a better solution or an addition to the code here to fix this problem. In a perfect world, the changes should take effect immediately such that if I were to logout after applying the reg entry, I would be logged back in immediately under the Shared username.

user238322

Posted 2013-07-15T18:33:29.477

Reputation:

Answers

0

Only one reboot is technically required. The problem is that group-policies will apply on their own over-time.... or on a reboot (your first), and then the second reboot is when you actually see the auto-logon. Two solutions could be:

1) Apply the policy... then wait until the group-policy would naturally apply (could be anywhere from a few minutes and up.) and then reboot.

2) Apply the policy then force the policy to apply using gpupdate /force, and then reboot.

TheCompWiz

Posted 2013-07-15T18:33:29.477

Reputation: 9 161

Hmm. This didn't work. I just forced the update and rebooted and I am greeted with a "Press C + A + D to log on" screen. It should have auto logged in under the Shared account requiring no interaction from the end user. This is where I normally log back in AGAIN, apply the reg entry AGAIN, and reboot - then it finally auto logins. – None – 2013-07-15T18:47:08.443

Do you have multiple domain controllers? perhaps you apply the policy on one... and it takes a long time before the policy replicates to the other domain controllers... – TheCompWiz – 2013-07-15T18:56:08.627

I was just told by my Systems Administrator we have over 100. Guess there's my answer. – None – 2013-07-15T19:06:35.340

So my next question is, how do I force a policy update on a specific domain controller for a specific machine? – None – 2013-07-15T19:11:12.390

I don't believe you can force a workstation to use a specific domain controller. You generally can setup sites & services to "prefer" one (or a few) over others... but I don't think you can dictate which DC to use. On the other-side of the coin... you can pick which DC to make your changes on... You can check the %LOGONSERVER% variable to see which server it is currently connecting to... and write changes to that server... rather than the first-writable. – TheCompWiz – 2013-07-15T19:28:14.417

Asked: 2013-07-15T18:33:29.477

Viewed: 332 times

Active: 2013-07-15T18:41:11.010