Windows Server Hack [Electronic resources]

Mitch Tulloch

نسخه متنی -صفحه : 163/ 24

Hack 4 Automatically Log On After Booting

It's sometimes convenient to configure machines to log on automatically when booted. Here are three ways to do this.

In all versions of Windows that are based on Windows NT (including Windows 2000, Windows XP, and Windows Server 2003), a user is required to log on before he can use the system interactively. This is usually done by pressing Ctrl-Alt-Del and typing the user's credentials. Automatic logon is an option you can set to enable Windows to log on automatically using credentials that are stored in the Registry. To invoke automatic logon, you set Registry entries that define the user ID, the password, and the domain to be used to log on. Why use this feature? There are a number of reasons. As an IT professional, I have several of my home systems set up to do this, and it makes life simpler. Test systems in a lab might be another place to use this feature. I also use it all the time on virtual machine images I have running on my laptop.

Automatic login makes things simpler, but it creates a security hole. First, the credentials are stored in clear text in the Registry. Thus, anyone with remote Registry privileges can see the clear text user ID and password. Also, if you have automatic logon set on a laptop, anyone who turns on the laptop is automatically logged in as you. So use this feature carefully!

Manual Configuration

You can configure automatic logon manually by adding the following four key Registry entries: AutoAdminLogon, DefaultDomainName, DefaultUserName, and DefaultPassword. These entries inform Windows whether to attempt automatic logon and provide the credentials (username, password, and domain).

Start Registry Editor (StartRunregedit) and find the Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, which is where the Registry values you set to control automatic logon are located. Two of these values, DefaultDomainName and DefaultUserName, already exist. DefaultDomainName is a string that holds the domain (or workstation) name where the user ID exists, and DefaultUserName is the user ID that Winlogon will attempt to use to log on. This username is authenticated against the domain (or workstation) name set in the DefaultDomainName setting.

Now, create two new values by right-clicking on Winlogon and selecting NewString Value, which will create new values of type REG_SZ. Name the first value AutoAdminLogon, and specify a value data of 1 to instruct Winlogon to attempt to use automatic logon. Name the second value DefaultPassword; this value specifies the password for the user set in the DefaultUserName setting.

The result will looking like Figure 1-7.

Figure 1-7. Enabling automatic logon by editing the Registry

Script Method

An easier way to configure automatic logon on your machines is to use two VBScript scripts, one to enable automatic logon and the other to disable it. Here's the script for enabling it:

' Script to turn on automatic logon ' (c) Thomas Lee 2002 ' Freely distributed! Dim Prompt, oWSH,UserName, UserPass, UserDomain set oWSH = WScript.CreateObject("WScript.Shell") ' get user name Prompt = "Enter the autologon user name" UserName = InputBox(Prompt, Title, ") ' get password Prompt = "Enter the autologon user password for " & UserName UserPass = InputBox(Prompt, Title, ") ' get domain Prompt = "Enter the autologon user domain for " & UserName Userdomain = InputBox(Prompt, Title, ") ' now set these in the Registry oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\

Winlogon\AutoAdminLogon", "1","REG_SZ" oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\

WinlogonDefaultDomainName", UserDomain, "REG_SZ" oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\

WinlogonDefaultUserName", UserName, "REG_SZ" oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\

WinlogonDefaultPassword", UserPass, "REG_SZ" ' ensure the change is persistent! oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\

Winlogon\ForceAutoLogon", "1", "REG_SZ" ' All done

And here's the script for disabling automatic logon:

' Script to remove autoadmin logon ' (c) Thomas Lee 2002 ' Freely distributed! Option Explicit On Error Resume Next 'Declare variables Dim Prompt, oWSH 'Set the Windows Script Host Shell set oWSH = WScript.CreateObject("WScript.Shell") ' delete the relevant keys oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\

CurrentVersion\WinlogonAutoAdminLogon" oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\

CurrentVersion\WinlogonDefaultDomainName" oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\

CurrentVersion\WinlogonDefaultUserName" oWSH.RegDelete "HKLM\SOFTWARE\Microsoft\Windows NT\

CurrentVersion\WinlogonDefaultPassword" ' All done - say goodbye! Legend = "Autoadmin removed - have a nice day!" MyBox = MsgBox (legend, 4096, "We're Done")

You can use Notepad to type these scripts and save them with a .vbs file extension, or download autoadminlogon.vbs and noautoadminlogon.vbs from http://www.oreilly.com/catalog/winsvrhks/.

Sysinternals Tool

Finally, here's one more way to configure automatic logon on machines. Mark Russinovich, of Sysinternals fame, also wrote a simple program to do this. You can download the program and the source from http://www.sysinternals.com/ntw2k/source/misc.l#AutoLogon, where you can find lots of other great tools.

Thomas Lee