Users are not automatically logged on to the domain when you apply a startup script to automate the logon process on computers that are running Windows Fundamentals for Legacy PCs (920319)

SYMPTOMS

Consider the following scenario. You create a startup script to automate the logon process on computers that are running Windows Fundamentals for Legacy PCs. This startup script configures the registry entries that let users automatically log on to the domain when they start their computers. For example, you create a startup script that contains the following code.

Set ws = WScript.CreateObject("WScript.Shell")

registrykey = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

user = "UserName"
password = "Password"
domain = "DomainName"

ws.RegWrite registrykey & "DefaultUserName", user
ws.RegWrite registrykey & "DefaultPassword", password
ws.RegWrite registrykey & "DefaultDomainName", domain
ws.RegWrite registrykey & "AutoAdminLogon", 1
ws.RegWrite registrykey & "DontDisplayLastUserName", 0

You then create a Group Policy object (GPO) on the domain controller, and this GPO applies the startup script to computers that are running Windows Fundamentals for Legacy PCs. However, when a user starts one of the computers in question, the user is not automatically logged on to the domain. Instead, the Welcome to Windows dialog box is displayed. The user must press CTRL+ALT+DELETE in the Welcome to Windows dialog box and then manually log on to the domain.

WORKAROUND

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
To work around this issue, use one of the following methods.

Method 1: Modify the startup script to set the value of the ForceAutlogon registry entry to 1

Modify the startup script to set the value of the ForceAutologon registry entry in the following registry subkey to 1:

HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon

To do this, add the following code to the end of the startup script.

ws.RegWrite registrykey & "ForceAutologon", 1

The following is an example of a startup script that contains code to set the value of the ForceAutologon registry to 1.

Set ws = WScript.CreateObject("WScript.Shell")

registrykey = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

user = "UserName"
password = "Password"
domain = "DomainName"

ws.RegWrite registrykey & "DefaultUserName", user
ws.RegWrite registrykey & "DefaultPassword", password
ws.RegWrite registrykey & "DefaultDomainName", domain
ws.RegWrite registrykey & "AutoAdminLogon", 1
ws.RegWrite registrykey & "DontDisplayLastUserName", 0
ws.RegWrite registrykey & "ForceAutologon", 1

Note When you use this method, the user must restart the computer that is running Windows Fundamentals for Legacy PCs two times before the user is automatically logged on to the domain. Additionally, if you are an administrator, you cannot use the Remote Desktop feature to remotely log on to the computer.

Method 2: Modify the startup script to restart the computer

Modify the startup script to restart the computer after the script configures the registry entries. To do this, follow these steps:

Copy the Shutdown.exe command-line tool from a computer that is running Microsoft Windows Server 2003 or Microsoft Windows XP to the Drive:\Windows\System folder on a computer that is running Windows Fundamentals for Legacy PCs.

Add the Shutdown.exe command line to the startup script. The following is an example of a startup script that contains code that includes the Shutdown.exe command line.

on error resume next
Set ws = WScript.CreateObject("WScript.Shell")

registrykey = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"

user = "UserName"
password = "Password"
domain = "DomainName"

CurrentDomain = ws.RegRead (registrykey & "DefaultDomainName")
CurrentPassword = ws.RegRead (registrykey & "DefaultPassword")
CurrentAutoAdminLogon = ws.RegRead (registrykey & "AutoAdminLogon")
CurrentUserName = ws.RegRead (registrykey & "DefaultUserName")

if (CurrentUserName <> user) or _
   (CurrentPassword <> password) or _
   (CurrentDomain <> domain) or _
   (CurrentAutoAdminLogon <> 1) then

    ws.RegWrite registrykey & "DefaultUserName", user
    ws.RegWrite registrykey & "DefaultPassword", password
    ws.RegWrite registrykey & "DefaultDomainName", domain
    ws.RegWrite registrykey & "AutoAdminLogon", 1
    ws.RegWrite registrykey & "DontDisplayLastUserName", 0

    ws.Run ("shutdown.exe -r -t 5 -f -d P:4:2")
end if

Method 3: Disable the Fast Logon Optimization feature in Windows Fundamentals for Legacy PCs

Disable the Fast Logon Optimization feature in Windows Fundamentals for Legacy PCs. To do this, enable the "Always wait for the network at computer startup and logon" policy setting. To enable this policy setting, follow these steps:

Open the appropriate policy object.
Expand Computer Configuration, expand Administrative Templates, expand System, and then click Logon.
In the right pane, double-click Always wait for the network at computer startup and logon.
Click Enabled, and then click OK.

Note When you use this method, the Welcome to Windows dialog box is displayed when a user starts the computer. After the user presses CTRL+ALT+DELETE, the user is logged on to the domain. The user does not have to type a user name or password.

Method 4: Instruct users to wait four to five minutes before they press CTRL+ALT+DELETE

The next time that a user starts the computer, instruct that user to wait four to five minutes before he or she presses CTRL+ALT+DELETE in the Welcome to Windows dialog box. After the user performs this procedure one time, the user will be automatically logged on to the domain every subsequent time that he or she starts the computer. However, the user must perform this procedure again if a different user logs on to the domain on the same computer.