none
AutoLogon Not working during 3rd Restart? first two autologon works

    Question

  • Hi,

    I have created the Task Sequence for Windows 7 x64 using MDT 2010. Have added the step "Restart Computer" before the domain joining (using script) under State Restore. My client environment has a tool which will give change local administrator Password daily. When i run this task sequence, the autologon is not working for the 3rd restart. I have to put in the local daily password manually using the Tool. Any idea why its not working during the third logon. It kills me for long time.

    I tried by disabled the 3rd Restart, the image is completed but the machine is not joined to Domain. :(

    I tried by moving the Post-Applycleanup to the end, but still i stops and waiting for the password during 3rd logon.

    Let me know if you want any log files.


    Best Regards\Shanmugaa

    Tuesday, August 06, 2013 3:34 PM

All replies

  • Is your tool for changing the local administrator password updating the registry so on the next reboot it has the right account information to automatically login with?  Assuming you are only updating the password, then you'd just need to update HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword so that on the next reboot, it works as expected.

    Note that when the Task Sequence completes, as part of the cleanup it will remove the automatic login registry values.


    David Coulter | http://DCtheGeek.blogspot.com | @DCtheGeek

    Tuesday, August 06, 2013 3:41 PM
    Answerer
  • Thanks for the quick reply David. But how can i give that password in the registry? the password will change daily, so i cant hard code it.


    Best Regards\Shanmugaa

    Tuesday, August 06, 2013 3:49 PM
  • What tool are you using to update the password?  It really only needs to be updated for that one last reboot to help the Task Sequence finish.  As I said, the Task Sequence will delete the keys at the end (so that autologon is disabled) and the machine will then be 'normal use'.

    The other option is to move the tool that's changing the password to the end so that the reboots work, it updates the password, then the Task Sequence finishes, removes the autologon keys, and shuts down (depending on your FinishAction).


    David Coulter | http://DCtheGeek.blogspot.com | @DCtheGeek

    Tuesday, August 06, 2013 3:53 PM
    Answerer
  • David,

    Its internal Tool which will scramble the daily password for the local administrator. In this testing, Domain Joining is happening after the 3rd restart? i cant find out why its taking the password from the tool. May i know which step will clear the autologon? i tried even comments the Autologon registry in LiteTouch.wsf and LTICleanup.wsf but no luck.


    Best Regards\Shanmugaa

    Tuesday, August 06, 2013 4:21 PM
  • Only way to figure out why the domain join is having issues is to look at the log (C:\Windows\Debug\NetSetup.log).

    If the third reboot is the last and you have nothing to install / configure after that reboot, instead of doing the third reboot in the Task Sequence, maybe try setting FinishAction=REBOOT in your CustomSettings.ini.  This would allow the Task Sequence to finish cleanly, remove the autologon registry entries, and also do the third reboot that should join the domain.  It should leave the machine at the logon screen and ready to use.


    David Coulter | http://DCtheGeek.blogspot.com | @DCtheGeek

    Tuesday, August 06, 2013 4:25 PM
    Answerer
  • Thanks David, Let me check the log file and update you.


    Best Regards\Shanmugaa

    Tuesday, August 06, 2013 4:29 PM
  • The accepted solution for such a scenario is to delay it's action until the last step. In the case of a GPO, exclude until the task sequence ends. 

    If this is an internal tool, then talk to the clients senior tech's and let them know the issue. 


    Blog: http://scriptimus.wordpress.com

    Tuesday, August 06, 2013 8:56 PM
  • it sounds like you have a GPO that is removing the autologon settings.  This is pretty standard, as I've encountered it before.  Two solutions I've used in the past:

    1)stage the newly deployed computers in a designated OU that does not have any GPOs applied

    2) inject a registry key or file to act as a "deployment flag".  Then set the GPO to filter out any machines where the key/file is present. 

    Tuesday, August 06, 2013 11:57 PM
  • Thanks all. I have commented the Winlogon/ Autologon Registry and added a script to manually clear the autologon Registry at the end of the task sequence. Its working fine now.

    Best Regards\Shanmugaa

    Thursday, August 08, 2013 11:40 AM