Sign in to follow this  
Followers 0
ayudame

Pre-login Legal Banner OK Key Toggle?

17 posts in this topic

I have been coding with AutoIt for about 3 years.

I generally just lurk in the forums and with searches find answers to my questions.

I've done a lot of searching here in the forums and on Google on what I am about to ask but so far no scenario quite matches mine.

Here it goes:

I have a computer at work that will restart periodically due to Windows Updates. This then knocks it out of an account that is running several programs across the network as the signed in account. No problem, I figured I'd use Windows autologon feature to log that account back in. The problem that there is a legal banner with an OK button that holds up the autologon (once you hit OK the autologon proceeds with no problem).

Then I figured I'd use AutoIt to get past that legal banner. I have read the forums and tried a lot of things mentioned for controlling processes when no one is logged on to the PC. So far nothing has worked.

I am betting that Windows simply won't let the OK button be activated programatically as a security feature.

However, before totally giving up, I was wondering if anyone here has any suggestions or tips. Any ideas, anyone?

Thanks!

Share this post


Link to post
Share on other sites



Would you be oppsed to disabling the notice (at least for the restart)? Is it set by group policy?

Share this post


Link to post
Share on other sites

Would you be oppsed to disabling the notice (at least for the restart)? Is it set by group policy?

Thanks, I should've mentioned that but I didn't want a long post that discourage readers. Yes I'd be willing to disable the notice; I've actually went to the registry but the place in the reg where the legal banner is set is empty. So the banner is set by group policy.

There are a few layers of GP where I work. Unfortunately the GP for the legal banner is set by the domain admins at our corp. hq and I can't do anything to modify it, even temporarily or just on one PC.

Share this post


Link to post
Share on other sites

In this case your options are limited. If you look at FAQ#4 http://www.autoitscript.com/forum/index.php?showtopic=37289 it lists some ways to create an autoit service. If you set your autiit script to run as a startup service with interactive capabilties you could get around it I think. Many moons ago i wrote one that would manaully type in a username and password to the login box so i know keystrokes at that point are available. Unfortuatly this it was lost in the great Hard drive crash of '04...

Share this post


Link to post
Share on other sites

In this case your options are limited. If you look at FAQ#4 http://www.autoitscript.com/forum/index.php?showtopic=37289 it lists some ways to create an autoit service. If you set your autiit script to run as a startup service with interactive capabilties you could get around it I think. Many moons ago i wrote one that would manaully type in a username and password to the login box so i know keystrokes at that point are available. Unfortuatly this it was lost in the great Hard drive crash of '04...

Thanks! I'll try it.

Share this post


Link to post
Share on other sites

There is a registry key which will do this for you:

I have this as a .vbs file, and i run it as a shutdown script via Group Policy on the local machine.

You can then use TweakUI to setup whatever account you want to auto login.

As long as this script runs on shutdown, the legal notice will not show next boot, if you open the registry and dig down to the key show, you will see where the message is, if there is no message set, it does not show.

Set WshShell = WScript.CreateObject("WScript.Shell")
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption","","REG_SZ"
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext","","REG_SZ"

hth

/tAK

Share this post


Link to post
Share on other sites

There is a registry key which will do this for you:

I have this as a .vbs file, and i run it as a shutdown script via Group Policy on the local machine.

You can then use TweakUI to setup whatever account you want to auto login.

As long as this script runs on shutdown, the legal notice will not show next boot, if you open the registry and dig down to the key show, you will see where the message is, if there is no message set, it does not show.

Set WshShell = WScript.CreateObject("WScript.Shell")
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption","","REG_SZ"
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext","","REG_SZ"

hth

/tAK

Wow this is truly awesome (and I don't use that word lightly)!

Thank you I will try that!

Share this post


Link to post
Share on other sites

There is a registry key which will do this for you:

I have this as a .vbs file, and i run it as a shutdown script via Group Policy on the local machine.

You can then use TweakUI to setup whatever account you want to auto login.

As long as this script runs on shutdown, the legal notice will not show next boot, if you open the registry and dig down to the key show, you will see where the message is, if there is no message set, it does not show.

Set WshShell = WScript.CreateObject("WScript.Shell")
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption","","REG_SZ"
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext","","REG_SZ"

hth

/tAK

Ugh.

Well I tried tAKTelapis' reg key setting but it didn't work. I had it run both at shutdown and startup and in each situation the prelogon banner still appeared. The .vbs file did work when clicked -- I viewed the registry and saw that the relevant entries were cleared -- but it appears that the in the order of execution at startup the Group Policy legal banner setting either comes after the execution of the startup script or that the Domain Group Policy supersedes the change in the registry made by the .vbs.

Any other suggestions anyone might have for this particular approach would be much appreciated.

Share this post


Link to post
Share on other sites

In this case your options are limited. If you look at FAQ#4 http://www.autoitscript.com/forum/index.php?showtopic=37289 it lists some ways to create an autoit service. If you set your autiit script to run as a startup service with interactive capabilties you could get around it I think. Many moons ago i wrote one that would manaully type in a username and password to the login box so i know keystrokes at that point are available. Unfortuatly this it was lost in the great Hard drive crash of '04...

Another post in this thread suggested making a registry change; I tried that and it didn't work so I then tried using AutoIt both as a service (using Pirmasoft RunAsSvc) and as a scheduled task scheduled to run when the computer started up.

In each case, nothing worked. I made sure to use functions that work when no user is logged in (WinWait and Control* ) as opposed to Win* Active functions, Mouse* functions and Send (source: http://www.autoitscript.com/forum/index.ph...+onto+computer) to no avail.

I just cannot activate the OK button on the prelogon legal banner.

Here are the various approaches I've tried:

RegWrite("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\enter.exe", "Type", "REG_DWORD", 0x110)

;Wait for the window "Notice" to exist and be active

WinWait("Notice")

$a = ControlGetFocus("Notice")

ControlSend("Notice", "", $a, "{ENTER}")

in place of the last two lines I also tried

ControlSend("Notice", "", ControlGetFocus ("", ""), "{ENTER}")

ControlSend("Notice", "", "", "{ENTER}")

ControlClick("Notice", "", $a)

I also tried without using the ControlGetFocus function.

I am using AutoIt v3.2.4.9 and verified that when the legal logon banner appears, that the OK button already is in focus.

In addition I have tried even just to do vbscript sendkeys run at system startup and that also won't activate the OK button.

Maddening...any other suggestions or ideas? Or should I finally give up?

Share this post


Link to post
Share on other sites

Try to use service (as someone said) which will in endless loop test

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption" and

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext" values

and if it's non-empty then do RegWrite to empty values.

Share this post


Link to post
Share on other sites

Try to use service (as someone said) which will in endless loop test

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption" and

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext" values

and if it's non-empty then do RegWrite to empty values.

A nifty approach. having it constantly cycle might help, the legal notices on a domain are usually fed down to the systems via group policy on the DC.

I added the previously mentioned VBs script to my LOCAL group policy:

Save the vbs to a .vbs file (renamed .txt document)

Set WshShell = WScript.CreateObject("WScript.Shell")
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption","","REG_SZ"
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext","","REG_SZ"

then

goto:

Start > Run > GPEdit.msc

navigate to:

Computer Configuration > Windows Settings > Scripts (Start / Shutdown)

Add the .vbs script to shutdown (perhaps startup aswell) to that. now it runs when the computer shuts down, when it boots up, it should get past the User policy BEFORE the group policy updates from the DC (and replaces it).

BUT ! every time you logon, the legal notice details are re-entered into the registry (from GP on DC) so, it has to remain in place for every shutdown, and will not work if the power is cut, only if the computer is shutdown by a windows call.

Share this post


Link to post
Share on other sites

A nifty approach. having it constantly cycle might help, the legal notices on a domain are usually fed down to the systems via group policy on the DC.

I added the previously mentioned VBs script to my LOCAL group policy:

Save the vbs to a .vbs file (renamed .txt document)

Set WshShell = WScript.CreateObject("WScript.Shell")
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption","","REG_SZ"
wshshell.Regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext","","REG_SZ"

then

goto:

Start > Run > GPEdit.msc

navigate to:

Computer Configuration > Windows Settings > Scripts (Start / Shutdown)

Add the .vbs script to shutdown (perhaps startup aswell) to that. now it runs when the computer shuts down, when it boots up, it should get past the User policy BEFORE the group policy updates from the DC (and replaces it).

BUT ! every time you logon, the legal notice details are re-entered into the registry (from GP on DC) so, it has to remain in place for every shutdown, and will not work if the power is cut, only if the computer is shutdown by a windows call.

Thanks for the very quick reply. I actually did the above -- added to the LOCAL GP -- but it didn't work.

Any other ideas? I know you've given me a lot of your time already so I am very grateful and if you're out of ideas that's cool -- you gave me a lot of input.

Share this post


Link to post
Share on other sites

#13 ·  Posted (edited)

Okay, this is my best guess...

Make this .reg file and Run it.

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption" = "Test"
"LegalNoticeText" = "The Legal notice has changed."

Then restart.

If the legal notice Changes, then its probably set from somewhere you can't access.

But if it doesn't change, it may just be something else entirely like maybe a "logon box"

Edit: I like your username BTW...

"Help me" in spanish

Edited by Paulie

Share this post


Link to post
Share on other sites

Okay, this is my best guess...

Make this .reg file and Run it.

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption" = "Test"
"LegalNoticeText" = "The Legal notice has changed."

Then restart.

If the legal notice Changes, then its probably set from somewhere you can't access.

But if it doesn't change, it may just be something else entirely like maybe a "logon box"

Edit: I like your username BTW...

"Help me" in spanish

Thanks for the thumbs up on the username and for the tip.

I actually did try a reg file to try to pinpoint the writing time. The reg file will produce a change in the registry, overwriting the original banner contents.

However after rebooting the original banner contents show up in the banner itself before getting to the ctrl alt del window.

Share this post


Link to post
Share on other sites

Try to use service (as someone said) which will in endless loop test

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption" and

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext" values

and if it's non-empty then do RegWrite to empty values.

How would I make it loop? I am looking at the help file's RegRead and RegWrite but don't quite see how I can make it loop looking for the non-empty values.

Share this post


Link to post
Share on other sites

#16 ·  Posted (edited)

Try to use service (as someone said) which will in endless loop test

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticecaption" and

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnoticetext" values

and if it's non-empty then do RegWrite to empty values.

I ended up doing this:

;Delete banner registry entry

$caption = RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system", "legalnoticecaption")

$text = RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system", "legalnoticetext")

MsgBox(4096, "Caption:", $caption) <--- there just for testing purposes deleted for the version used at startup

MsgBox(4096, "Text:", $text) <--- there just for testing purposes deleted for the version used at startup

While $caption <> ""

RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system", "legalnoticecaption", "REG_SZ", "")

;MsgBox(4096, "Status caption:", "Not empty")<--- there just for testing purposes deleted for the version used at startup

WEnd

While $text <> ""

RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system", "legalnoticetext", "REG_SZ", "")

;MsgBox(4096, "Status text:", "Not empty")<--- there just for testing purposes deleted for the version used at startup

WEnd

It works on a computer not on the network; that is, if I fill in the applicable reg entries and then have local group policy write to them to put in non-empty values and have this run it indeed stops the legal banner at start up.

However, once on the network and exposed to Group Policy Inheritance from the DC, this script doesn't stop the legal banner.

So I've tried everything everyone here has been kind enough to recommend. I pretty much give up. Hope this is of use to anyone who comes across a similar situation. If anyone does have any other solutions, please let me know.

Edited by ayudame

Share this post


Link to post
Share on other sites

#17 ·  Posted (edited)

Sorry to resurrect such an old thread, but I found it via a Google search looking to solve a similar problem. I run some apps in XP mode from Win 7. Immediately when I launch such an app I'm prompted for auth info. An XP virtual machine loads for a couple of minutes. Then the legal notice enforced by domain policy appears. If I'm not paying attention and the notice remains active for a minute, the virtual machine complains that it didn't start in a timely fashion and closes, and I have to start over. Fail.

This thread provided part of the solution -- nullifying the values for HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\legalnotice*. Thanks tAKTelapis et al. After doing that, the rest of the trick is to modify the permissions of the system\ key to prevent the policy from re-populating.

1. Open regedit. Navigate to the HKLM\SOFTWARE\...etc...\system\ key as mentioned above. Make sure both the legalnoticecaption and legalnoticetext strings are empty before continuing.

2. Right-click the "system" key (folder) in the regedit window and go to Permissions.

3. Click Advanced at the bottom. Go to the Owner tab and take ownership of the key by highlighting your user account, check marking the Replace owner on sub-etc. box and clicking Apply.

4. Go to the Permissions tab and uncheck "Inherit from parent...." Click Remove on the pop-up notice, then click Apply. Dismiss the dire warning. The permission entries should now be empty. Cool. Hit OK on the Advanced Security Settings window, returning to the Permissions for system window.

5. On the Permissions for system window click "Add..." Click Locations and select your local computer, then OK to return to the Select Users, etc. window. Under "Enter the object names to select" type Users and click the Check Names button, then OK, returning to the Permissions for system window again.

6. With "Users" as the only entry under Group or user names, Users should already be selected. Under the Allow column, check mark Read. Hit Apply.

7. Go back to the Advanced button, check mark "Replace permission entries on all child objects blah blah", click Yes to dismiss the dire warning, then hit OK on everything and close the registry editor.

So now you own the key, and no other account, not even domain admins or local system account, can modify the legalnotice values. There's no need to loop a background check with Autoit.

Edited by calraith

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0