How can I modify automatic login records?

  • 19 July 2023
  • 2 replies


Hi everyone, I'm new to automox and I've been reading about the policies but I can't get something to run in particular and it's in the code remediation to add a record for the authentication of windows users automatically as follows:

# Configurar el inicio automático de un usuario
$AutoLogonUsername = "username"
$AutoLogonPassword = "password"
$AutoLogonRegistryPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

Set-ItemProperty -Path $AutoLogonRegistryPath -Name "AutoAdminLogon" -Value "1" -Force

Set-ItemProperty -Path $AutoLogonRegistryPath -Name "DefaultUserName" -Value $AutoLogonUsername -Force

Set-ItemProperty -Path $AutoLogonRegistryPath -Name "DefaultPassword" -Value $AutoLogonPassword -Force

Apparently the policy is executed and I do a restart to the device but when I go to check if the records were created I realize that they are not created, I have tried to modify other records and if it changes them without problem I only have problems with these

2 replies

Good day @jesus garcia !


This is likely due to the architecture of the Automox agent ( currently only delivered in 32-bit ) and the architecture of the device ( which is most likely 64-bit ).


The “HKLM:\SOFTWARE” registry key is one of a handful that are virtualized in the context of 32-bit processes - this is why the properties you’re assigning don’t appear to be there when you check following the reboot!


The solution to this is to relaunch PowerShell depending on the architecture of both the process, and the device:

function Shell

Evaluates the executing process and system architecture to execute ScriptBlocks in the appropriate PowerShell architecture. Designed primarily for 64-bit scriptblock execution from the context of a 32-bit PowerShell instance.


[ scriptblock ] : Mandatory
Provides the scriptblock to be executed in the evaluated shell context.


[ object[] ] : Optional
Allows variable exchange between the calling process and child ( relaunched ) PowerShell process, in the event of required elevation.


PS> Shell { Write-Host "Hello, world" }
Hello, world

PS> Shell -Block { param( $msg ); Write-Host $msg } -ArgList "Hello, world"
Hello, world


Author : Anthony Maxwell
Date : 06/19/2023

[ CmdletBinding() ]
[ Parameter( Mandatory, ValueFromPipeline, Position = 0 ) ]
[ scriptblock ]
[ Parameter( Mandatory = $false, Position = 1 ) ]
[ object[] ]

if ( [ System.Environment ]::Is64BitOperatingSystem -and ![ System.Environment ]::Is64BitProcess )
return & "$env:SystemRoot\sysnative\WindowsPowerShell\v1.0\powershell.exe" -Command $Block -args $ArgList

return & $Block $ArgList

$configureAutoLogon = {
$AutoLogonUsername = 'username'
$AutoLogonPassword = 'password'
$AutoLogonRegistryPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

Set-ItemProperty -Path $AutoLogonRegistryPath -Name 'AutoAdminLogon' -Value '1' -Force
Set-ItemProperty -Path $AutoLogonRegistryPath -Name 'DefaultUserName' -Value $AutoLogonUsername -Force
Set-ItemProperty -Path $AutoLogonRegistryPath -Name 'DefaultPassword' -Value $AutoLogonPassword -Force

Shell $configureAutoLogon


Hope this helps; let me know if you have any questions!


- Anthony M.


thank you very much if it worked