Auto Login on Domain controller with locked session

I have a client who for reason of the way their accounting system maintenance works requires a session to be logged in at all times even after a power failure restart. We are running Windows 2003 Standard server on the data server that this is required to happen on and it is also the domain controller. So the question is how do we get the Server on startup to login automatically as a particular user then lock the session I believe that "rundll32.exe user32.dll, LockWorkStation" when run in a batch file will achieve the locked workstation part but  how do we get the auto login on that server to happen ??
NeilFrickAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lee W, MVPTechnology and Business Process AdvisorCommented:
Scheduled tasks don't work?  I'd try that first - schedule a task for when the computer starts.
0
NeilFrickAuthor Commented:
Tried that - no good
0
cfairleyCommented:
It in a autologon registry key, I'm looking for it now.  I've used it before to do an unattended install of a server.
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

cfairleyCommented:
Here is one link, I'm looking for another.

http://windows.about.com/library/tips/bltip407.htm
0
NeilFrickAuthor Commented:
Found answer and tested it ok

You can accomplish this via RegEdits so that you can change them back on the fly after you complete your autologon routines. We use this process sometimes when we have to install software packages that require someone be logged on in order to capture the window handles and use SendKeys so that there is no user intervention. First you want to create a .VBS file to change the Registry entries for autologon. Make sure you replace the username\password variables

' Write RegKeys to perform an autologon
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon", "1", "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword", myPassword, "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName", myUserName, "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUsername", "0", "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption", "", "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText", "", "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon", "0", "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\defaultDomainName", "", "REG_SZ"

This sets things up for autologon in case you have any policies in place via GPO or otherwise that may prevent autologon.

You will have to remove any "Legal Notice" type messages in case they pop up during logon as well.

' Write RegKeys to remove LegalNotice and LegalCaption
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LegalNotice", "", "REG_SZ"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption", "", "REG_SZ"

Then you can setup a program to run after the computer reboots and only for one time.

'Command to runonce after autologon
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\MyFolder", "C:\MyFolder\MyFile.exe", "REG_SZ"

When you have completed you can run this exact script to replace any registry values back to what they were before you cleared them for autologon.
0
cfairleyCommented:
Excellent!  Thanks for posting it for everyone's benefit.
0
WeHeCommented:
btw, you should set propper permissions on this registry Keys, as everyone can read your cleartext password from them.
0
moduloCommented:
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.