blue4603

Autologon in Autounattend.xml

24 posts in this topic

Hi

I have been trying to get windows 7 to auto logon with the administrator account after finishing the installation but it is still not working.

here is my autounattend.xml file

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<UILanguage>en-US</UILanguage>
<UserLocale>ar-SA</UserLocale>
<InputLocale>0401:00000401</InputLocale>
</component>
<component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UserData>
<ProductKey>
<Key>D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV</Key>
<WillShowUI>OnError</WillShowUI>
</ProductKey>
<AcceptEula>true</AcceptEula>
</UserData>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Enabled>true</Enabled>
<Password>
<Value />
</Password>
<LogonCount>9999999</LogonCount>
<Username>Administrator</Username>
</AutoLogon>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
</OOBE>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ComputerName>pcname</ComputerName>
</component>
</settings>
<cpi:offlineImage cpi:source="wim:E:/sources/install.wim#Windows 7 Ultimate" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

Regards

0

Share this post


Link to post
Share on other sites

See the relevant section of my xml auto logon, admin group.

BTW don't post your product key...

</component>

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<AutoLogon>

<Enabled>true</Enabled>

<LogonCount>99</LogonCount>

<Username>****</Username>

<Password>

<PlainText>false</PlainText>

<Value>dAB5AHMAbwBuAFAAYQBzAHMAdwBvAHIAZAA=</Value>

</Password>

</AutoLogon>

<RegisteredOrganization>****</RegisteredOrganization>

<RegisteredOwner>****</RegisteredOwner>

<TimeZone>AUS Eastern Standard Time</TimeZone>

<StartPanelOff>false</StartPanelOff>

<ComputerName>****</ComputerName>

<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>

<DoNotCleanTaskBar>true</DoNotCleanTaskBar>

</component>

<component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<SkipAutoActivation>false</SkipAutoActivation>

</component>

<component name="Microsoft-Windows-Deployment" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<RunSynchronous>

<RunSynchronousCommand wcm:action="add">

<Order>1</Order>

<Path>cmd /c "FOR %i IN (C D E F G H I J K L N M O P Q R S T U V W X Y Z) DO IF EXIST %i:\AppsRoot.txt SETX AppsRoot %i:\ -m"</Path>

<Description>Path</Description>

</RunSynchronousCommand>

<RunSynchronousCommand wcm:action="add">

<Order>2</Order>

<Path>reg add "HKLM\Software\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 00000001 /f</Path>

<Description>Network Setup Tweak</Description>

</RunSynchronousCommand>

</RunSynchronous>

</component>

</settings>

<settings pass="oobeSystem">

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<TimeZone>AUS Eastern Standard Time</TimeZone>

<VisualEffects>

<FontSmoothing>ClearType</FontSmoothing>

</VisualEffects>

<RegisteredOwner>****</RegisteredOwner>

<RegisteredOrganization>****</RegisteredOrganization>

<StartPanelOff>false</StartPanelOff>

<OOBE>

<HideEULAPage>true</HideEULAPage>

<NetworkLocation>Work</NetworkLocation>

<ProtectYourPC>3</ProtectYourPC>

<SkipUserOOBE>true</SkipUserOOBE>

<SkipMachineOOBE>true</SkipMachineOOBE>

</OOBE>

<UserAccounts>

<LocalAccounts>

<LocalAccount wcm:action="add">

<DisplayName>****</DisplayName>

<Name>****</Name>

<Group>Administrators</Group>

<Password>

<PlainText>false</PlainText>

<Value>dAB5AHMAbwBuAFAAYQBzAHMAdwBvAHIAZAA=</Value>

</Password>

</LocalAccount>

</LocalAccounts>

</UserAccounts>

<Display>

<HorizontalResolution>1024</HorizontalResolution>

<VerticalResolution>768</VerticalResolution>

<ColorDepth>32</ColorDepth>

<DPI>96</DPI>

</Display>

<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>

<DoNotCleanTaskBar>true</DoNotCleanTaskBar>

<ShowWindowsLive>true</ShowWindowsLive>

</component>

<component name="Microsoft-Windows-Sidebar" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<SidebarOnByDefault>false</SidebarOnByDefault>

<Gadget1>%PROGRAMFILES%\windows sidebar\gadgets\SlideShow.gadget,true</Gadget1>

<Gadget3>%PROGRAMFILES%\windows sidebar\gadgets\RSS.Gadget,false</Gadget3>

<Gadget2>%PROGRAMFILES%\windows sidebar\gadgets\Clock.Gadget,true</Gadget2>

</component>

</settings>

<settings pass="auditSystem">

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>

<TimeZone>AUS Eastern Standard Time</TimeZone>

<StartPanelOff>false</StartPanelOff>

<DoNotCleanTaskBar>true</DoNotCleanTaskBar>

</component>

</settings>

<settings pass="offlineServicing">

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<FirstLogonCommands>

<SynchronousCommand wcm:action="add">

<Order>1</Order>

<Description>Running FirstLog.cmd</Description>

<CommandLine>cmd /C start /wait %systemdrive%\Install\FirstLog.cmd</CommandLine>

</SynchronousCommand>

</FirstLogonCommands>

<OEMInformation>

<Logo>c:\windows\System32\oemlogo.bmp</Logo>

<Manufacturer>Seven UA</Manufacturer>

<Model>001</Model>

<SupportHours>All</SupportHours>

<SupportPhone>1000</SupportPhone>

</OEMInformation>

<DoNotCleanTaskBar>true</DoNotCleanTaskBar>

<StartPanelOff>false</StartPanelOff>

</component>

</settings>

<cpi:offlineImage cpi:source="wim:c:/se7en_ua/uadvd/sources/install.wim#Windows 7 ULTIMATE" xmlns:cpi="urn:schemas-microsoft-com:cpi" />

</unattend>

Hope that helps.

0

Share this post


Link to post
Share on other sites
See the relevant section of my xml auto logon, admin group.

BTW don't post your product key...

OK. Thanks for the help

by the way that is not my product key. That is the default key installed if you do not provide a key to the installation process.

I will test it and give you my feedback

Regards

0

Share this post


Link to post
Share on other sites

No worries, the Autologon sections are identical to the Vista UA values which are covered in depth on this board.

0

Share this post


Link to post
Share on other sites

hi,

It worked finally. Thanks man.

Now I have one slight problem. how about if I want it to auto logon to the built in administrator account?

Regards

0

Share this post


Link to post
Share on other sites

Not sure if it can be done, would like this myself. Same as XP.

0

Share this post


Link to post
Share on other sites
how about if I want it to auto logon to the built in administrator account?
I was thinking, why not use SetupComplete.cmd to enable the Administrator account and force Auto Login. I think it can be done, M$ only disabled the account, is very simple to re-enable. Maybe I would try something like this.

SetupComplete.cmd

Net user administrator /active:yes
Regedit /s %~dp0AUTOLOGIN.REG
NET USER MrJinje /DELETE

AUTOLOGIN.REG

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="Administrator"
"DefaultPassword"=""
"AutoAdminLogon"="1"
"ForceAutoLogon"="1"

Just add an AutoUnattend.xml and change the Net User Delete Script with whatever account name your use.

In theory, this should avoid ever having to login with that account, thus preventing a folder from being created in the users directory.

Edited by MrJinje
0

Share this post


Link to post
Share on other sites

I am try your instruction and I must say that works!I am look for instruction like this one for a long time!

I must say that you must still write your name,computer name and then when windows boot it boot at administrator account.Then I am go to the control panel-user accounts and there is also my typing user account.

So,we now we only need another script or something to delete my user account. :)

0

Share this post


Link to post
Share on other sites

Can you maybe add some small info where I must put the AutoUnattend.xml ?

So far I am not try AutoUnattend.xml :rolleyes:

o.k,I am find where ;)

Edited by Rudi1
0

Share this post


Link to post
Share on other sites

Hmm,maybe I do something wrong with AutoUnattend.xml because I still must type user info and the another user is still in user accounts.

Can you give us some small info how we can do this setup correct?

Edited by Rudi1
0

Share this post


Link to post
Share on other sites

Try this one, is basically my working AutoUnattend.xml. It's pretty lackluster, but the only prompt you should get is Which partition to format. It is set to install Ultimate, but you can change it if you like.

Search your WAIK folder for Unattend.chm, I use the OPK, so I not sure the exact link, but that file has all the syntax for AutoUnattend.xml

AutoUnattend_MSFN.xml

Edited by MrJinje
0

Share this post


Link to post
Share on other sites

May I ask if you people use autounattend.xml directly for unattended setups, meaning doing so without the use of MDT or WAIK or whatever 3rd party means?

0

Share this post


Link to post
Share on other sites

Big hug for MrJinje because this guide really works!

I am try with this commands in SetupComplete.cmd

SetupComplete.cmd

Net user administrator /active:yes

Regedit /s %~dp0AUTOLOGIN.REG

NET USER MrJinje /DELETE

working like a sharm.The only one user account in control panel is administrator and guest. :thumbup

0

Share this post


Link to post
Share on other sites
May I ask if you people use autounattend.xml directly for unattended setups, meaning doing so without the use of MDT or WAIK or whatever 3rd party means?

I sometimes use my sound xml without going through the wsim found in waik. Should I use someone's else xml or making a new one I will then use the wsim.

0

Share this post


Link to post
Share on other sites
Big hug for MrJinje because this guide really works!

I am try with this commands in SetupComplete.cmd

SetupComplete.cmd

Net user administrator /active:yes

Regedit /s %~dp0AUTOLOGIN.REG

NET USER MrJinje /DELETE

working like a sharm.The only one user account in control panel is administrator and guest. :thumbup

That's good news, you may need to ensure your machine is secure as poss to prevent an attack though.

0

Share this post


Link to post
Share on other sites

Not really,so far I am use administrator account several years and no problems.

I hate UAC popup windows and all other UAC stuff! :rolleyes:

0

Share this post


Link to post
Share on other sites

Oh and that's something else I've been meaning to ask since I skipped Vista. I have seen this UAC thing mentioned many times, and came to the understanding that most people don't use an administrator account, in XP, i never bother creating normal user accounts.. so what's the verdict in vista/win7. Is it necessary at all? Or is it for those folks who don't know what they are doing?

0

Share this post


Link to post
Share on other sites

Generally speaking the administrator account in Vista & W7 is not accessible by default. In Vista & W7 you must create a user, they can have administrative privileges. Their are ways to enable the admin account as recently posted on this board.

0

Share this post


Link to post
Share on other sites
Generally speaking the administrator account in Vista & W7 is not accessible by default. In Vista & W7 you must create a user, they can have administrative privileges. Their are ways to enable the admin account as recently posted on this board.
While M$ claims you are safer having it disabled, there are others who will claim you are no safer than if you had simply renamed your Administrator account. (via control userpasswords2) Both situations will prevent malicious software from hacking an account called "Administrator", now malicious programmers not only need to crack the password, but also need to guess the account name. All this is assuming said malicious software actually attacks via user/password, instead of buffer exploit like a normal piece of malware.

If said malware can access you non-administrator user account (which in M$ infinite wisdom has local administrator privileges), your false sense of security is out the window (pun not intended), as hacking any account with Local Admin rights will allow malicious software full access. :realmad:

I rank this up there with "Editing the Registry can cause catastrophic failure", sure technically that is true, but has it ever stopped anyone ?

Edited by MrJinje
0

Share this post


Link to post
Share on other sites

I personally don't use Administrator but I do turn LUA off and I think It's just as powerful as that Admin account who couldn't delete folder's i couldn't delete. I develop and I need to have an account which be on same level as 99.9% out there. Gives me better perspective and my Admin account does have a Pass I set with my Xml

I'd like to know just what is the difference between Administrator and a local Admin

Edited by maxXPsoft
0

Share this post


Link to post
Share on other sites
I'd like to know just what is the difference between Administrator and a local Admin
Administrator is a "Built-in account for administering the computer", it derives it power from being a member of the "Administrators" group.

A local administrator is "Administrator" and/or any other user account on the local machine in the "Administrators" group. Everyone in the Administrators group is equally powerful.

By default, the "Administrator" account is disabled and the user created by setup is in the "Administrators" group.

Notice that security on C:\Windows Directory has no permission entries for "Administrator" account but instead an entry for "Administrators" group. If you remove Administrator from the Administrators group, you would not be able to do much.

post-263685-1257818864_thumb.png

post-263685-1257820444_thumb.png

Edited by MrJinje
0

Share this post


Link to post
Share on other sites

:hello: You read pretty much what i have read.

It is a good account to keep in reserve for troubleshooting purposes.

By remaining relatively untouched, it is very likely that you will be able to log onto this account if/when the other accounts become damaged or inaccessible.

Another benefit of knowing this method is to keep the hidden Administrator account as a 'back door', for example, if you inadvertently lock out your main account. Sitting there at your computer, you can never believe that you will be so foolish as to lock yourself out, yet logic dictates that somewhere in the world today, someone has just done that: locked themselves out. Would not they like to know how to activate the administrator account?

Boot to Safe mode no pass on Administrator account by default

also the whoami vs Administrator. My account is identical

Whoami_vs_Administrator_Nov-09-2009

So I have decided that instead of typing out all that mess maybe I'll just call myself Admin. :lol:

Edited by maxXPsoft
0

Share this post


Link to post
Share on other sites

Note there are two major differences- the actual local Administrator account gets a full admin token on logon, whereas an Administrative group account gets a pseudo-token and is still affected by UAC and it's security (unless you of course disable UAC). Also, the admin account has a well-known SID GUID, and it's disabled (and a new user is made an administrator on install) to try and mitigate attacks that target the Administrator account, both by name AND by it's SID.

0

Share this post


Link to post
Share on other sites
Note there are two major differences- the actual local Administrator account gets a full admin token on logon, whereas an Administrative group account gets a pseudo-token and is still affected by UAC and it's security (unless you of course disable UAC). Also, the admin account has a well-known SID GUID, and it's disabled (and a new user is made an administrator on install) to try and mitigate attacks that target the Administrator account, both by name AND by it's SID.
Here is good article detailing what Cluberti is touching on.

http://technet.microsoft.com/en-us/magazine/2007.06.acl.aspx

EDIT:Relevant

http://www.msfn.org/board/topic/144776-unable-to-open-an-elevated-windows-explorer-window/

Edited by MrJinje
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.