locked
Autologon Clear RRS feed

  • Question

  • I am trying to get several computers off the autologon vulnerability list. I have made sure the autologon key is set to 0, and made sure the password values are empty. This actions did not remove the computer from the list. Does anyone know:

    1. Is a reboot required for this item to fall off the list?

    2. I have noticed that the password value on machines that are not on this list do have values. Obviously these values are ok with the "SSA TEST".  So that begs the question of how this "autologon test" is done by the SSA service on the host. Does anyone know?

    Tuesday, August 17, 2010 2:55 PM

Answers

  • I discovered with MS help that the forefront documentation is missing another key. Once I deleted the following key the "finding" cleared.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ DefaultPassword

    Have to look in the SSA manifest.

    Wednesday, September 1, 2010 12:49 PM

All replies

  • Hi,

     

    Thank you for the post.

     

    Do either of these keys exist on the your computer?

     

    HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\CurrVal

    HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\OldVal

     

    If so, try removing them and run the SSA check again.

     

    Regards,


    Nick Gu - MSFT
    • Marked as answer by Nick Gu - MSFTModerator Wednesday, September 1, 2010 2:42 AM
    • Unmarked as answer by MGMNVA Wednesday, September 1, 2010 12:43 PM
    Thursday, August 19, 2010 2:07 AM
    Moderator
  • Hi MGMNVA,

    Do you have any update about this issue?

    Regards,

     


    Nick Gu - MSFT
    Friday, August 20, 2010 2:26 AM
    Moderator
  •  

    I discovered with MS help that the forefront documentation is missing another key. Once I deleted the following key the "finding" cleared.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ DefaultPassword

    Have to look in the SSA manifest.

     

     

    Wednesday, September 1, 2010 12:48 PM
  • I discovered with MS help that the forefront documentation is missing another key. Once I deleted the following key the "finding" cleared.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ DefaultPassword

    Have to look in the SSA manifest.

    Wednesday, September 1, 2010 12:49 PM