4 replies to this topic

[ken82m]

When activated this tool will set the computer to AutoLogin with the local admin account.

When deactivated it will disable autologon and set the logon screen to display the username and domain of the user that initiated the program.

It also writes to a log file who activates and deactivates the tool and when.

Plain Text        expandcollapse  popup

If @OSVersion <> "WIN_2000" AND @OSVersion <> "WIN_2003" AND @OSVersion <> "WIN_XP" AND @OSVersion <> "WIN_VISTA" Then
 MsgBox(4096, "Toggle Install Mode", "This application is designed for Windows 2000 or greater.")
 Exit
EndIf

If $CMDLine[0] = 1 Then
 If $CMDLine[1] = "Activate" Then Activate()
 If $CMDLine[1] = "Deactivate" Then Deactivate()
 Exit
EndIf

;Make sure script's path can be called again. (In case it is running from Temporary Internet Files or something)
If FileExists(@ScriptFullPath) = 0 Then
 MsgBox(4096,"Toggle Install Mode", "An error occured identifying the script location.")
 Exit
EndIf

;Activate and test local Admin credentials
AutoItSetOption("RunErrorsFatal", 0)
RunAsSet ( "Administrator", @Computername, "a1s2d3f4g5")
RunWait(@ComSpec & " /c", @SystemDir, @SW_HIDE) 
If @error = 1 then
  msgbox(4096,"Toggle Install Mode","An error occurred authenticating as: " & @ComputerName & "\Administrator")
  Exit
EndIf
AutoItSetOption("RunErrorsFatal", 1)

$AutoAdminLogon = RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "AutoAdminLogon")
$AdminActive = RegRead("HKLM\Software\ToggleAdmin", "AdminActive")
If $AdminActive = "" Then $AdminActive = 0

If $AdminActive = 0 And $AutoAdminLogon = 1 Then 
 If MsgBox(4096+4,"Toggle Install Mode", "Install Mode does not show as active however automatic login is enabled." & @CR & @CR & "Would you like to disabled it now?") = 6 Then
  Run('"' & @ScriptFullPath & '" Deactivate', @ScriptDir)
  Exit
 Else
  Exit
 EndIf
EndIf

If $AdminActive = 0 Then
 If MsgBox(4096+4,"Toggle Install Mode", "Install Mode is not currently active." & @CR & @CR & "Would you like to activate it now?") = 6 Then
  Run('"' & @ScriptFullPath & '" Activate', @ScriptDir)
  Exit
 Else
  Exit
 EndIf
EndIf

If $AdminActive = 1 Then 
 If MsgBox(4096+4,"Toggle Install Mode", "Install Mode is currently active." & @CR & @CR & "Would you like to deactivate it now?") = 6 Then
  Run('"' & @ScriptFullPath & '" Deactivate', @ScriptDir)
  Exit
 Else
  Exit
 EndIf
EndIf

Exit

;Custom Functions
Func Activate()
If @OSVersion = "WIN_VISTA" Then
 $User = RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI", "LastLoggedOnUser")
 $UserPOS = StringInStr($User, "\")
 If $UserPOS = 0 Then
  $CurrentUser = $User
  $CurrentDomain = @ComputerName
 Else
  $UserPOS = $UserPOS - 1
  $CurrentDomain = StringLeft($User, $UserPOS)
  $UserPOS = $UserPOS + 1
  $User = StringTrimLeft($User, $UserPOS)
  $CurrentUser = $User
 EndIf
Else
 $CurrentUser = RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultUserName")
 $CurrentDomain = RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultDomainName")
EndIf
RegWrite("HKLM\Software\ToggleAdmin", "CurrentUser", "REG_SZ", $CurrentUser)
RegWrite("HKLM\Software\ToggleAdmin", "CurrentDomain", "REG_SZ", $CurrentDomain)
RegWrite("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultUserName", "REG_SZ", "Administrator")
RegWrite("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultPassword", "REG_SZ", "a1s2d3f4g5")
RegWrite("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultDomainName", "REG_SZ", @ComputerName)
RegWrite("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "AutoAdminLogon", "REG_SZ", "1")
;Verify reg entries here
$Errors = 0
If RegRead("HKLM\Software\ToggleAdmin", "CurrentUser") <> $CurrentUser Then $Errors = $Errors + 1
If RegRead("HKLM\Software\ToggleAdmin", "CurrentDomain") <> $CurrentDomain Then $Errors = $Errors + 1
If RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultUserName") <> "Administrator" Then $Errors = $Errors + 1
If RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultPassword") <> "a1s2d3f4g5" Then $Errors = $Errors + 1
If RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultDomainName") <> @ComputerName Then $Errors = $Errors + 1
If RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "AutoAdminLogon") <> "1" Then $Errors = $Errors + 1
If $Errors <> 0 Then
 RegDelete("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "AutoAdminLogon")
 RegDelete("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultPassword")
 MsgBox(4096,"Toggle Install Mode","An error occurred writing the required registry entries as: " & @ComputerName & "\Administrator" & @CR & @CR & "Operation Aborted.")
 Exit
EndIf
RegWrite("HKLM\Software\ToggleAdmin", "AdminActive", "REG_SZ", "1")
$LogFile = FileOpen(@ScriptDir & "\ToggleAdmin.log", 1)
FileWriteLine($LogFile, "Start of Record...")
FileWriteLine($LogFile, "Admin Mode Activated   " & @MON & "/" & @MDAY & "/" & @YEAR & "   " & @HOUR & ":" & @MIN & ":" & @SEC)
FileClose($LogFile)
MsgBox(4096,"Toggle Install Mode","Install Mode Activated" & @CR & @CR & "You must restart your computer to enter Install Mode.")
Exit
EndFunc


Func Deactivate()
If @OSVersion = "WIN_VISTA" Then
 $User = RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI", "LastLoggedOnUser")
 $UserPOS = StringInStr($User, "\")
 If $UserPOS = 0 Then
  $CurrentUser = $User
  $CurrentDomain = @ComputerName
 Else
  $UserPOS = $UserPOS - 1
  $CurrentDomain = StringLeft($User, $UserPOS)
  $UserPOS = $UserPOS + 1
  $User = StringTrimLeft($User, $UserPOS)
  $CurrentUser = $User
 EndIf
Else
 $CurrentUser = RegRead("HKLM\Software\ToggleAdmin", "CurrentUser")
 $CurrentDomain = RegRead("HKLM\Software\ToggleAdmin", "CurrentDomain")
EndIf
RegDelete("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "AutoAdminLogon")
RegDelete("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultPassword")
RegWrite("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultUserName", "REG_SZ", $CurrentUser)
RegWrite("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "DefaultDomainName", "REG_SZ", $CurrentDomain)
;Verify reg entries here
If RegRead("HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon", "AutoAdminLogon") = "1" Then
 MsgBox(4096,"Toggle Install Mode","An error occurred removing the required registry entries as: " & @ComputerName & "\Administrator" & @CR & @CR & "Operation Aborted.")
 Exit
EndIf
RegWrite("HKLM\Software\ToggleAdmin", "AdminActive", "REG_SZ", "0")
RegDelete("HKLM\Software\ToggleAdmin", "CurrentUser")
RegDelete("HKLM\Software\ToggleAdmin", "CurrentDomain")
$LogFile = FileOpen(@ScriptDir & "\ToggleAdmin.log", 1)
FileWriteLine($LogFile, "Admin Mode Deactivated " & @MON & "/" & @MDAY & "/" & @YEAR & "   " & @HOUR & ":" & @MIN & ":" & @SEC)
FileWriteLine($LogFile, "End of Record...")
FileClose($LogFile)
MsgBox(4096,"Toggle Install Mode","Install Mode Deactivated")
Exit
EndFunc

[jaenster]

i cant find a situation where i want to use autologin.

But the idea about the script is nice

[ken82m]

I wrote it at work for my mobile sales force. I don't want them working with admin rights cause I know they'll break the machines.

But sometimes they need additional permissions to install printers for example.

The log is nice because if they decide to leave it on and break the machine I can prove it

[Emiel Wieldraaijer]

very insecure because you are writing password information directly into the registry .. in plain text

[ken82m]

You're right, but you'd have to know where to look, and my users aren't to smart have trouble turning on their machines (literally)
I could have written a run once value that silently deactivated the feature including deleting the password upon login.

Thanks,

Kenny