Microsoft KB Archive/920319

= Users are not automatically logged on to the domain when you apply a startup script to automate the logon process on computers that are running Windows Fundamentals for Legacy PCs =

Article ID: 920319

Article Last Modified on 8/30/2006

-

APPLIES TO


 * Windows Fundamentals for Legacy PCs

-



Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry



SUMMARY
''This article describes an issue that occurs when you create a startup script to automate the logon process on computers that are running Microsoft Windows Fundamentals for Legacy PCs. This startup script configures registry entries that let users automatically log on to the domain. However, when users start their computers, they are not automatically logged on to the domain. This article describes four methods that you can use to work around this issue.''



SYMPTOMS
Consider the following scenario. You create a startup script to automate the logon process on computers that are running Windows Fundamentals for Legacy PCs. This startup script configures the registry entries that let users automatically log on to the domain when they start their computers. For example, you create a startup script that contains the following code. Set ws = WScript.CreateObject(&quot;WScript.Shell&quot;)

registrykey = &quot;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\&quot;

user = &quot;UserName&quot; password = &quot;Password&quot; domain = &quot;DomainName&quot;

ws.RegWrite registrykey & &quot;DefaultUserName&quot;, user ws.RegWrite registrykey & &quot;DefaultPassword&quot;, password ws.RegWrite registrykey & &quot;DefaultDomainName&quot;, domain ws.RegWrite registrykey & &quot;AutoAdminLogon&quot;, 1 ws.RegWrite registrykey & &quot;DontDisplayLastUserName&quot;, 0 You then create a Group Policy object (GPO) on the domain controller, and this GPO applies the startup script to computers that are running Windows Fundamentals for Legacy PCs. However, when a user starts one of the computers in question, the user is not automatically logged on to the domain. Instead, the Welcome to Windows dialog box is displayed. The user must press CTRL+ALT+DELETE in the Welcome to Windows dialog box and then manually log on to the domain.



CAUSE
This issue occurs because Windows Fundamentals for Legacy PCs processes the policies that are contained in the startup script only after a user presses CTRL+ALT+DELETE in the Welcome to Windows dialog box.



WORKAROUND
Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To work around this issue, use one of the following methods.

Method 1: Modify the startup script to set the value of the ForceAutlogon registry entry to 1
Modify the startup script to set the value of the ForceAutologon registry entry in the following registry subkey to 1:

To do this, add the following code to the end of the startup script. ws.RegWrite registrykey & &quot;ForceAutologon&quot;, 1 The following is an example of a startup script that contains code to set the value of the ForceAutologon registry to 1. Set ws = WScript.CreateObject(&quot;WScript.Shell&quot;)

registrykey = &quot;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\&quot;

user = &quot;UserName&quot; password = &quot;Password&quot; domain = &quot;DomainName&quot;

ws.RegWrite registrykey & &quot;DefaultUserName&quot;, user ws.RegWrite registrykey & &quot;DefaultPassword&quot;, password ws.RegWrite registrykey & &quot;DefaultDomainName&quot;, domain ws.RegWrite registrykey & &quot;AutoAdminLogon&quot;, 1 ws.RegWrite registrykey & &quot;DontDisplayLastUserName&quot;, 0 ws.RegWrite registrykey & &quot;ForceAutologon&quot;, 1 Note When you use this method, the user must restart the computer that is running Windows Fundamentals for Legacy PCs two times before the user is automatically logged on to the domain. Additionally, if you are an administrator, you cannot use the Remote Desktop feature to remotely log on to the computer.

Method 2: Modify the startup script to restart the computer
Modify the startup script to restart the computer after the script configures the registry entries. To do this, follow these steps:  Copy the Shutdown.exe command-line tool from a computer that is running Microsoft Windows Server 2003 or Microsoft Windows XP to the :\Windows\System folder on a computer that is running Windows Fundamentals for Legacy PCs.  Add the Shutdown.exe command line to the startup script. The following is an example of a startup script that contains code that includes the Shutdown.exe command line. on error resume next Set ws = WScript.CreateObject(&quot;WScript.Shell&quot;)

registrykey = &quot;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\&quot;

user = &quot;UserName&quot; password = &quot;Password&quot; domain = &quot;DomainName&quot;

CurrentDomain = ws.RegRead (registrykey & &quot;DefaultDomainName&quot;) CurrentPassword = ws.RegRead (registrykey & &quot;DefaultPassword&quot;) CurrentAutoAdminLogon = ws.RegRead (registrykey & &quot;AutoAdminLogon&quot;) CurrentUserName = ws.RegRead (registrykey & &quot;DefaultUserName&quot;)

if (CurrentUserName <> user) or _ (CurrentPassword <> password) or _ (CurrentDomain <> domain) or _ (CurrentAutoAdminLogon <> 1) then

ws.RegWrite registrykey & &quot;DefaultUserName&quot;, user ws.RegWrite registrykey & &quot;DefaultPassword&quot;, password ws.RegWrite registrykey & &quot;DefaultDomainName&quot;, domain ws.RegWrite registrykey & &quot;AutoAdminLogon&quot;, 1 ws.RegWrite registrykey & &quot;DontDisplayLastUserName&quot;, 0

ws.Run (&quot;shutdown.exe -r -t 5 -f -d P:4:2&quot;) end if 

Method 3: Disable the Fast Logon Optimization feature in Windows Fundamentals for Legacy PCs
Disable the Fast Logon Optimization feature in Windows Fundamentals for Legacy PCs. To do this, enable the &quot;Always wait for the network at computer startup and logon&quot; policy setting. To enable this policy setting, follow these steps:
 * 1) Open the appropriate policy object.
 * 2) Expand Computer Configuration, expand Administrative Templates, expand System, and then click Logon.
 * 3) In the right pane, double-click Always wait for the network at computer startup and logon.
 * 4) Click Enabled, and then click OK.

Note When you use this method, the Welcome to Windows dialog box is displayed when a user starts the computer. After the user presses CTRL+ALT+DELETE, the user is logged on to the domain. The user does not have to type a user name or password.

Method 4: Instruct users to wait four to five minutes before they press CTRL+ALT+DELETE
The next time that a user starts the computer, instruct that user to wait four to five minutes before he or she presses CTRL+ALT+DELETE in the Welcome to Windows dialog box. After the user performs this procedure one time, the user will be automatically logged on to the domain every subsequent time that he or she starts the computer. However, the user must perform this procedure again if a different user logs on to the domain on the same computer.



MORE INFORMATION
For more information about Windows Fundamentals for Legacy PCs, visit the following Microsoft Web site:

http://www.microsoft.com/licensing/sa/benefits/fundamentals.mspx

Additional query words: autologon SAS Secure Authentication Sequence

Keywords: kbprb kbtshoot kbexpertiseinter KB920319

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.