لطفا منتظر باشید ...
Hack 4 Automatically Log On After Booting
It's sometimes convenient to
configure machines to log on automatically when booted. Here are
three ways to do this.
In all versions of Windows that are based on Windows NT (including Windows
2000, Windows XP, and Windows Server 2003), a user is required to log
on before he can use the system interactively. This is usually done
by pressing Ctrl-Alt-Del and typing the user's
credentials. Automatic logon is an option you can set to enable
Windows to log on automatically using credentials that are stored in
the Registry. To invoke automatic logon, you set Registry entries
that define the user ID, the password, and the domain to be used to
log on. Why use this feature? There are a number of reasons. As an IT
professional, I have several of my home systems set up to do this,
and it makes life simpler. Test systems in a lab might be another
place to use this feature. I also use it all the time on virtual
machine images I have running on my laptop.
Automatic login makes things simpler, but it creates a security hole.
First, the credentials are stored in clear text in the Registry.
Thus, anyone with remote Registry privileges can see the clear text
user ID and password. Also, if you have automatic logon set on a
laptop, anyone who turns on the laptop is automatically logged in as
you. So use this feature carefully!
Manual Configuration
You can configure automatic logon manually by
adding the following four key Registry entries:
AutoAdminLogon,
DefaultDomainName,
DefaultUserName, and
DefaultPassword. These entries inform Windows
whether to attempt automatic logon and provide the credentials
(username, password, and domain).
Start Registry Editor
(Start
Runregedit)and find the Registry key HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon, which is where the Registry
values you set to control automatic logon are located. Two of these
values, DefaultDomainName and
DefaultUserName, already exist.
DefaultDomainName is a string that holds the
domain (or workstation) name where the user ID exists, and
DefaultUserName is the user ID that Winlogon will
attempt to use to log on. This username is authenticated against the
domain (or workstation) name set in the
DefaultDomainName setting.
Now, create two new values by right-clicking on Winlogon and
selecting New
String Value, which will create newvalues of type REG_SZ. Name the first value
AutoAdminLogon, and specify a value data of
1 to instruct Winlogon to attempt to use automatic
logon. Name the second value DefaultPassword; this
value specifies the password for the user set in the
DefaultUserName setting.
The result will looking like Figure 1-7.
Figure 1-7. Enabling automatic logon by editing the Registry
Script Method
An easier way to configure automatic logon on your
machines is to use two VBScript scripts, one to enable automatic
logon and the other to disable it. Here's the script
for enabling it:
' Script to turn on automatic logon
' (c) Thomas Lee 2002
' Freely distributed!
Dim Prompt, oWSH,UserName, UserPass, UserDomain
set oWSH = WScript.CreateObject("WScript.Shell")
' get user name
Prompt = "Enter the autologon user name"
UserName = InputBox(Prompt, Title, ")
' get password
Prompt = "Enter the autologon user password for " & UserName
UserPass = InputBox(Prompt, Title, ")
' get domain
Prompt = "Enter the autologon user domain for " & UserName
Userdomain = InputBox(Prompt, Title, ")
' now set these in the Registry
oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon",
"1","REG_SZ"
oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultDomainName", UserDomain, "REG_SZ"
oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultUserName", UserName, "REG_SZ"
oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultPassword", UserPass, "REG_SZ"
' ensure the change is persistent!
oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\ForceAutoLogon",
"1", "REG_SZ"
' All done
And here's the script for disabling automatic logon:
' Script to remove autoadmin logon
' (c) Thomas Lee 2002
' Freely distributed!
Option Explicit
On Error Resume Next
'Declare variables
Dim Prompt, oWSH
'Set the Windows Script Host Shell
set oWSH = WScript.CreateObject("WScript.Shell")
' delete the relevant keys
oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonAutoAdminLogon"
oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultDomainName"
oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultUserName"
oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultPassword"
' All done - say goodbye!
Legend = "Autoadmin removed - have a nice day!"
MyBox = MsgBox (legend, 4096, "We're Done")
You can use Notepad to type these scripts and save them with a
.vbs file extension, or download
autoadminlogon.vbs and
noautoadminlogon.vbs from http://www.oreilly.com/catalog/winsvrhks/.
Sysinternals Tool
Finally, here's one more
way to configure automatic logon on
machines. Mark Russinovich, of Sysinternals fame, also wrote a simple
program to do this. You can download the program and the source from
http://www.sysinternals.com/ntw2k/source/misc.shtml#AutoLogon,
where you can find lots of other great tools.
Thomas Lee
