none
Windows 10 Deployment Sequence - Autologon breaks after Domain Join. RRS feed

  • Question

  • Hi everyone, 

    "First time Caller, long time listener" as it were.   I am encountering a rather odd issue with MDT 2013 update 2.  Upon domain join, regardless if it's a powershell script that I previously used, or the task sequence to recover to the domain, it breaks the autologon.  I have confirmed this, because I moved the domain join to become the very last step just before the post-apply cleanup, and moved both of those to be the last two steps in the task sequence and I encounter no issues.   

    I created a new task sequence from scratch, so I have the necessary reg keys being added to ensure that MDT can do it's thing.   I also captured the image using MDT, so I don't believe my issue is with that either.  So, does anyone have any ideas on what could be happening?  Please note, this behavior does not occur with my Windows 7 images and task sequences, so I am loathe to believe that this is some GPO at work directly, but could be some behavior related to Windows 10, that I am not aware of....   Suggestions or advice would be greatly appreciated!  

    Thanks, 

    Allyn

    Wednesday, June 29, 2016 2:32 PM

All replies

  • It is almost certainly a GPO.

    Many questions such as where do I find logs and what logs are interesting are found in: MDT TechNet Forum - FAQ & Getting Started Guide Please take the time to read it. Also if you don't post logs your problem won't be easily solved.

    Wednesday, June 29, 2016 3:37 PM
    Moderator
  • Ty, 

    What would be the best way to analyze the GPO to determine how it's modifying the registry to remove that Autologon?   As far as I know nothing should be deleting registry key's, so it needs to be something else that's causing it.  I know I can do the RSOP to see what's applying, however where would you suggest I start to look to find the naughty policy??

    Thanks,

    Allyn

    Thursday, June 30, 2016 5:26 PM
  • Hi

    You can do a domain join in Computers - it is a CN and cannot have GPO's applyed.

    Kind regards
    Per Larsen
    Twitter: @PerLarsen1975 | Blog: osddeployment.wordpress.com
    If this post is helpful please vote it as Helpful or click Mark for answer.

    Thursday, June 30, 2016 7:48 PM
  • The Default Domain Join is to the Computers OU to limit overcomplication.  Further testing shows the following.  

    The device will join the Domain.  At first using "recover from domain" MDT Task Sequence Step, then removing that and using a simple powershell script.   Upon the restart (triggered via the Restart Computer MDT Step) it will come up to a logon screen, showing two different administrators.   

    One has both a username/E-mail password box, and the other has just the password box.  

    Then the "Logon to Domain option"  

    If the computers are left alone, they will eventually hibernate.  If they recover from hibernation, they are able to login correctly.  So what the heck is happening during the hibernation that "fixes" the autologon??   

    Where can I look to see where the thing is stalling, and try and get it sorted out?  

    Thanks in advance, 

    Allyn

    Wednesday, November 9, 2016 2:40 PM