autologon in active Directory

[Rockstar]

Can the password just be inserted into DefaultPassword registry for it
to be recognised or does anything else need to happen?

I've been looking at the following tool:

http://shellrevealed.com/files/folders/code/entry4411.aspx

This encrypts the password.

Currently I am trying an autologon by specifying

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"
"DefaultUserName"="user1"
"DefaultPassword"="P££sw0rd"
"DefaultDomainName"="UnitedEnergy"

Are there any problems that people have come across by specifying the
credentials straight in registry.

 

[Zaphod Beeblebrox]

Can the password just be inserted into DefaultPassword registry for it
to be recognised or does anything else need to happen?

I've been looking at the following tool:

http://shellrevealed.com/files/folders/code/entry4411.aspx

This encrypts the password.

Currently I am trying an autologon by specifying

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"
"DefaultUserName"="user1"
"DefaultPassword"="P££sw0rd"
"DefaultDomainName"="UnitedEnergy"

Are there any problems that people have come across by specifying the
credentials straight in registry.

We deploy auto-logon systems that way, and it works fine. No need to
encrypt the password for two reasons:

1, Vista removes it from the registry and stores it somewhere else (not
sure when it does this, but it does - after setting the registry and
restarting to check the auto-logon, I checked the registry and the
DefaultPassword entry had been removed). Don't know where Vista stores
it, or if it is encrypted, or what. Never bothered to look into it,
because

2, If you are logged in as that user, why do you need the logon
password? Having it doesn't seem to give any advantage I can think of,
so it doesn't matter if it is encrypted or not. I could be wrong (and
if I am, I'm sure someone will correct me).

--
Zaphod

Arthur: All my life I've had this strange feeling that there's something
big and sinister going on in the world.
Slartibartfast: No, that's perfectly normal paranoia. Everyone in the
universe gets that.

 

[Rockstar]

There are times where having a kiosk-like system that logs in
automatically to a specific user account is the only reasonable way to
do things. As long as it is done with a limited user account the
increased risk is minimal.

As to "defeats the main purpose of even having active directory", I hope
you don't think that active directory's main purpose has anything to do
with increasing security...

this is for deployment purposes.

a script needs to run to setup over 3000 notebooks. Once this runs, the
autologon is disabled for ever.

Users have passwords and hands to type these, this is not used as a work
around for lazy users.

 

[Zaphod Beeblebrox]

this is for deployment purposes.

a script needs to run to setup over 3000 notebooks. Once this runs,
the autologon is disabled for ever.

Users have passwords and hands to type these, this is not used as a
work around for lazy users.

We also use autologon of the administrator account during initial
deployment of new systems and clear it out when done, all through the
registry as you are planning. No problems. Good luck, I hope everything
goes well.