RSS

SCCM Task Sequence – Disable Autologon

08 Aug

Recently I was working on a project that creates lab images using SCCM task sequences. I encountered a problem, the image after being completely set up would autologin to the local administrator at reboot. This was a security risk. I found a fix by running a script at the end of the deployment in which will change the registry settings to disable auto login. Note: this guide assumes that you have the SCCM administrator console installed.

Find and add a script to the proper source directory

  1. Open the SCCM Configuration Manager Console and navigate to your site packages.
  2. Right click on your Task Sequence Scripts and click on “Properties”.
  3. A menu will pop up, navigate to the “Data Source” Tab, the “Source Directory” is where you will want to put your script you will be writing.
  4. Navigate and keep this source directory open.

Make the disable autologin script

  1. Open notepad and put the following into it and name it something like “autologin_disable.reg”.
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "AutoAdminLogon"="0"
    "DefaultUserName"=-
    "DefaultPassword"=-
    "DefaultDomain"="Chemistry"
  2. It will look something like this.
  3. Add this script to the source directory that we found earlier.

Add the script to your task sequence

  1. Locate your task sequence in the SCCM console, right click on it and choose “Edit”.
  2. A menu will pop up, on the left scroll down to the bottom and click the last task in the sequence. Click the “Add” button at he top and choose “General” -> “Run Command Line”.
  3. A menu will pop up, give the rule a name, Something like “Disable Auto Login”.
  4. Check the box next to “Package” and hit the browse button. Choose the “Task Sequence script” that you placed your script in earlier. Hit “ok”.
  5. In the “Command Line” section, input the following command:
    REG IMPORT <yourScriptName>.reg
  6. Before you hit “Apply” your new rule should look something like this.
  7. You should be done.

Please feel free to leave a comment or a question!

Advertisements
 
Leave a comment

Posted by on August 8, 2012 in Uncategorized

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: