Script for autologon

Question

I have an AD server enviroment, and some of the users need to autologon directly.

I know that I can change some values on RegEdit to do so, and I am trying to create a script or .reg file to change those automatically, so I won't need to input the data manually in the future and my co-workers can do the same thing without asking me.

So far I have the following line:

reg add Regedt32.exe "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1

…but it won't work, I think it is because I need an administrative login to make this modifications.

Is there any way to prompt a user and password box when I try to run the script or a reg file? or if someone have a better sintax for me to use this?

Answer 1

supposed you have admin rights,

autologon.cmd

@echo off
set "_key_logon_=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

echo User to be Autologged 
set/P user="*     user: "
set "psCmd=powershell -Command "$pwd = read-host '* password' -AsSecureString; $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd); [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /F "usebackq delims=" %%P in (`%psCmd%`) do set "pass=%%P"

:setReg
reg add "%_key_logon_%" /V "AutoAdminLogon" /T REG_SZ /D "1" /F >NUL 2>&1
reg add "%_key_logon_%" /V "DefaultUserName" /T REG_SZ /D "%user%" /F >NUL 2>&1
reg add "%_key_logon_%" /V "DefaultPassword" /T REG_SZ /D "%pass%" /F >NUL 2>&1
exit/B 0

you can hardcore username and password instead of asking, but sure it is NOT a good idea

Another one if not running admin, but knowing admin credentials

@echo off
set "_key_logon_=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
set "user=%~1"
set "pass=%~2"
if "%user%" neq "" if "%pass%" neq "" goto :setReg

rem admin credentials
echo Sign in with your ADM ID  
set/P adminUser="*     user: "
call:getPass adminPass

rem test credentials
call :askIsAdmin || (echo Invalid credentials or not enough rights. & exit /B)

rem user credentials
echo/  
echo User to be Autologged 
set/P user="*     user: "
call:getPass pass

rem now elevate
call :elevateScript && exit /B 0

:setReg
reg add "%_key_logon_%" /V "AutoAdminLogon" /T REG_SZ /D "1" /F >NUL 2>&1
reg add "%_key_logon_%" /V "DefaultUserName" /T REG_SZ /D "%user%" /F >NUL 2>&1
reg add "%_key_logon_%" /V "DefaultPassword" /T REG_SZ /D "%pass%" /F >NUL 2>&1
exit/B 0

rem helper pass reader
:getPass
SetLocal
set "psCmd=powershell -Command "$pwd = read-host '* password' -AsSecureString; $BSTR=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd); [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)""
for /F "usebackq delims=" %%P in (`%psCmd%`) do set "pwd=%%P"
if "%pwd%" EQU "" EndLocal & exit/B 1
EndLocal & set "%1=%pwd%"
doskey /listsize=0 >NUL 2>&1 & doskey /listsize=50 >NUL 2>&1        & rem clear keyboard buffer
exit/B 0

rem helper admin rights tester
:askIsAdmin
set "psCmd=powershell -Command "$p='%adminPass%'^|convertto-securestring -asplaintext -force;$c=new-object -typename system.management.automation.pscredential^('%adminUser%',$p^);start-process 'powershell' '-Command "write-host ^([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent^(^)^).IsInRole^([Security.Principal.WindowsBuiltInRole]::Administrator^)"' -credential $c -passthru -wait;""
for /F "usebackq delims=" %%A in (`%psCmd%`) do @set "result=%%A"
echo %result% | find /I "true">NUL 2>&1 && set/A ret=0
EndLocal & exit/B %ret%
exit/B 1

rem helper elevate script
:elevateScript
SetLocal
set "_vbs_file_=%TEMP%\runadmin.vbs"
echo set oWS ^= CreateObject^("wScript.Shell"^)>"%_vbs_file_%"
echo strcmd="C:\Windows\system32\runas.exe /user:%COMPUTERNAME%\%adminUser% " + """%~f0 %user% %pass%""">>"%_vbs_file_%"
echo oWS.run strcmd, 2, false>>"%_vbs_file_%"
echo wScript.Sleep 100>>%_vbs_file_%
echo oWS.SendKeys "%adminPass%{ENTER}">>%_vbs_file_%
if exist "%TEMP%\runadmin.vbs" (set "_spawn_=%TEMP%\runadmin.vbs") else (set "_spawn_=runadmin.vbs")
ping 1.1.1.1 -n 1 -w 50 >NUL
start /B /WAIT cmd /C "cls & "%_spawn_%" & del /F /Q "%_spawn_%" 2>NUL"
EndLocal
exit/B 0

NOTE: take into account that password is stored plain text in DefaultPassword registry key