Friday, 19 November 2010

Automatic logon in Windows systems

For process automation it can be handy to have scripts running to restart machines after installing update packs, or just for regular maintenance. One trick that I have found really handy when I restart a server, is to have it log on automatically. But this is only one application for automatic logon. Shared workstations, terminals, remote machines are all areas where it is potentially useful.

In this post, I'll outline a few way to manage your accounts to allow automatic login either locally or remotely.

First of all, if you have administrative rights, you can use User Account Control to remove the need for users to log in using a password.
  • To do this, go to Start -> Run -> enter "control userpasswords2"
  • In the User Accounts window, un-check "Users must enter a user name and password to use this computer"
  • That's it.

On a related note: If you manage several computers, you may wish to save passwords for all of them locally, so that you can easily administer them from your computer, without leaving them unsecure by removing the password on each machine:
  • Open the User Accounts window as step 1 shows.
  • Under the Advanced tab, click Manage Passwords.

  • You can use the Stored User Names and Passwords windows to store credentials for servers, websites and programs:
  •  It goes without saying, make sure your PC has a strong password if you are going to use it to store credentials for several websites and servers.

Lastly, for those who prefer to do things themselves, you can edit the registry to allow windows to automatically log in. The registry keys you need to edit are in the folder HKEY_LOCAL_MACHINE -> SOFTWARE -> Microsoft -> Windows NT -> Current Version -> Winlogon.

You need to add the following keys - DefaultUserName, DefaultPassword, AutoAdminLogon. The first 2 of these string registry keys should beset to the username and password of the administrator account. AutoAdminLogon should be set to "1". 

This last method is best used either if you are the only person with access to the machine, or if security is not an issue with this machine - e.g.: with a shared workstation - because the password is shown to anyone who knows where to look in registry. You wouldn't want to do this with your personal laptop where you store private information.

Hope this helps ;)

No comments: