Skip to main content
Question

How can I modify automatic login records?

J
Forum|alt.badge.img

Hi everyone, I'm new to automox and I've been reading about the policies but I can't get something to run in particular and it's in the code remediation to add a record for the authentication of windows users automatically as follows:
 

# Configurar el inicio automático de un usuario
$AutoLogonUsername = "username"
$AutoLogonPassword = "password"
$AutoLogonRegistryPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

Set-ItemProperty -Path $AutoLogonRegistryPath -Name "AutoAdminLogon" -Value "1" -Force

Set-ItemProperty -Path $AutoLogonRegistryPath -Name "DefaultUserName" -Value $AutoLogonUsername -Force

Set-ItemProperty -Path $AutoLogonRegistryPath -Name "DefaultPassword" -Value $AutoLogonPassword -Force

Apparently the policy is executed and I do a restart to the device but when I go to check if the records were created I realize that they are not created, I have tried to modify other records and if it changes them without problem I only have problems with these

2 replies

AnthonyM-Automox

Good day @jesus garcia !

 

This is likely due to the architecture of the Automox agent ( currently only delivered in 32-bit ) and the architecture of the device ( which is most likely 64-bit ).

 

The “HKLM:\SOFTWARE” registry key is one of a handful that are virtualized in the context of 32-bit processes - this is why the properties you’re assigning don’t appear to be there when you check following the reboot!

 

The solution to this is to relaunch PowerShell depending on the architecture of both the process, and the device:

function Shell
{
    <#
        .SYNOPSIS

            Evaluates the executing process and system architecture to execute ScriptBlocks in the appropriate PowerShell architecture. Designed primarily for 64-bit scriptblock execution from the context of a 32-bit PowerShell instance.

        .PARAMETER Block

            [ scriptblock ] : Mandatory
                Provides the scriptblock to be executed in the evaluated shell context.

        .PARAMETER ArgList

            [ object[] ] : Optional
                Allows variable exchange between the calling process and child ( relaunched ) PowerShell process, in the event of required elevation.

        .EXAMPLE

            PS> Shell { Write-Host "Hello, world" }
            Hello, world

            PS> Shell -Block { param( $msg ); Write-Host $msg } -ArgList "Hello, world"
            Hello, world

        .NOTES

            Author : Anthony Maxwell
            Date   : 06/19/2023
    #>

    [ CmdletBinding() ]
    Param(
        [ Parameter( Mandatory, ValueFromPipeline, Position = 0 ) ]
        [ scriptblock ]
        $Block,
        [ Parameter( Mandatory = $false, Position = 1 ) ]
        [ object[] ]
        $ArgList
    )

    Process
    {
        if ( [ System.Environment ]::Is64BitOperatingSystem -and ![ System.Environment ]::Is64BitProcess )
        {
            return & "$env:SystemRoot\sysnative\WindowsPowerShell\v1.0\powershell.exe" -Command $Block -args $ArgList
        }

        else
        {
            return & $Block $ArgList
        }
    }
}

$configureAutoLogon = {
    $AutoLogonUsername = 'username'
    $AutoLogonPassword = 'password'
    $AutoLogonRegistryPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

    Set-ItemProperty -Path $AutoLogonRegistryPath -Name 'AutoAdminLogon' -Value '1' -Force
    Set-ItemProperty -Path $AutoLogonRegistryPath -Name 'DefaultUserName' -Value $AutoLogonUsername -Force
    Set-ItemProperty -Path $AutoLogonRegistryPath -Name 'DefaultPassword' -Value $AutoLogonPassword -Force
}

Shell $configureAutoLogon

 

Hope this helps; let me know if you have any questions!

 

- Anthony M.

J
1 person likes this
  • J
    jesus garcia
J
Forum|alt.badge.img

thank you very much if it worked

AnthonyM-Automox
1 person likes this
  • AnthonyM-Automox
    AnthonyM-Automox

Reply


Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings