locked
Remove Last Logged in user Windows 7? RRS feed

  • Question

  • Hi,

    I'm just trying to work out how I can remove the last logged in user details from Windows 7 logon screen?

    The issue I'm having is that I have a deployment which logs in as the Administrator account during installation to configure some settings - then I perform a clean up and restart the computer, upon the next reboot the computer is ready for the end user to begin using... but when ctrl + alt + del is pressed 'hostname\administrator'  is displayed in the logon dialog.

    just wondering how I can programatically remove the administrator account to prevent having to press switch user?

    I've tried setting these, but becuase I'm running them while the administrator is logged in they get written again on logoff so are there again upon reboot:

     

        sh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon","0", "REG_SZ"
        sh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName","", "REG_SZ"
        sh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword","", "REG_SZ"
        sh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName","", "REG_SZ"   
        sh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AltDefaultDomainName","", "REG_SZ"
        sh.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CachePrimaryDomain","", "REG_SZ"

     

    Friday, May 21, 2010 6:14 AM

Answers

  • To remove the last logged name, add this line in a .cmd script

    reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DontDisplayLastName /t REG_DWORD /d 1 /f

    If you prefer then in GPO

       1. Click on Start button, and type secpol.msc into Start Search box, and hit Enter to open the Local Security Policy Editor.
       2. Navigate to Security Settings -> Local Policies -> Security Options.
       3. In the right pane, double click on Interactive Logon: Do not display last user name.
       4. Select and set the radio button of Enabled.

    Friday, May 21, 2010 1:26 PM

All replies

  • To remove the last logged name, add this line in a .cmd script

    reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DontDisplayLastName /t REG_DWORD /d 1 /f

    If you prefer then in GPO

       1. Click on Start button, and type secpol.msc into Start Search box, and hit Enter to open the Local Security Policy Editor.
       2. Navigate to Security Settings -> Local Policies -> Security Options.
       3. In the right pane, double click on Interactive Logon: Do not display last user name.
       4. Select and set the radio button of Enabled.

    Friday, May 21, 2010 1:26 PM
  • I don't know if that is a good solution to this problem...or maybe not the solution that is desired.  If you put that GPO in effect, it will never show the name of any user who ever logs in ever again.

    I think the OP is just looking to remove the Admin from the list as a one time shot and then let it go back to working normally.

    Now, if the intent is to never have it show the name of the last logged on user ever again...well, then your suggestion will absolutely work for that.

     


    Mike N.
    Friday, May 21, 2010 5:06 PM
  • Thanks Guys -  That's just what I needed,  I'll just write the reg key before shutdown then remove it again after logon - should be just long enough to prevent the administrator login name from appearing the first time, then after a new user has logged on then their credentials will be shown..

    I knew I could do this via GPO,  don't know why I didn't look up tha ADM file and find it out myself.. clearly insufficient caffeine lately!

    as you suggested I do not want this in an actual group policy as for on ongoing usage users can see who's logged on to their machine/s  (well for this client at least..)

     

    cheers

    Monday, May 24, 2010 6:41 AM
  • To remove the last logged name, add this line in a .cmd script

    reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DontDisplayLastName /t REG_DWORD /d 1 /f

    If you prefer then in GPO

       1. Click on Start button, and type secpol.msc into Start Search box, and hit Enter to open the Local Security Policy Editor.
       2. Navigate to Security Settings -> Local Policies -> Security Options.
       3. In the right pane, double click on Interactive Logon: Do not display last user name.
       4. Select and set the radio button of Enabled.


    I've added this via group policy preferences  in a computer group policy object and it's working a treat.  Cheers.

     

    Hive HKEY_LOCAL_MACHINE
    Key path SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    Value name dontdisplaylastusername
    Value type REG_DWORD
    Value data 0x1 (1)
    Thursday, June 30, 2011 2:47 PM
  • I had to modify the script just a bit before it works, dontdisplaylastusername in place of DontDisplayLastName.

    Here's what I run now on all new windows 7 boxes that aren't on a domain (laptops basically), so that people don't see other local accounts and get confused (and sure, my administrator password is really 12345).

    @net user administrator active:yes
    @net user administrator 12345
    @reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System /v dontdisplaylastusername /t REG_DWORD /d 1 /f


    Wednesday, April 4, 2012 5:25 PM
  • The above works for WinXP but 7 is just a little different. I use a script similar to the one above to make sure users don't lock my account out when I leave. For 7 the username is stored in the following location

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI

    Clear the keys LastLoggedOnSAMUser and LastLoggedOnUser and you should be set

    This will change it only for the one time. As soon as another user logs in, their username will remain when they log out or reboot. This is only to clear it once. 

    Script it CMD...

    -----

    @echo off
    ::Clear username from Win7 login
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI" /v LastLoggedOnSAMUser /t REG_SZ /d "" /f
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI" /v LastLoggedOnUser /t REG_SZ /d "" /f

    exit



    • Proposed as answer by fixNstuff Sunday, October 14, 2012 7:27 AM
    • Edited by fixNstuff Sunday, October 14, 2012 7:30 AM
    Sunday, October 14, 2012 7:27 AM