How do I enable Automatic Logon in Windows 7 when I'm on a domain?

windows-7 login automation windows-domain

616,993

Solution 1

Click Start, click Run, type regedit, and then click OK. In Windows Vista/7, simply type regedit in Start Search and hit Enter.

Navigate to the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Double-click the DefaultUserName entry, type the user name to log on with, and then click OK.

If DefaultUserName registry value name is not found, create a new String Value (REG_SZ) with value name as DefaultUserName.

Double-click the DefaultPassword entry, type the password for the user account under the value data box, and then click OK.

If there is no DefaultPassword value, create a new String Value (REG_SZ) with DefaultPassword as the value name.

Note that if no DefaultPassword string is specified, Windows automatically changes the value of the AutoAdminLogon registry key from 1 (true) to 0 (false) to turn off the AutoAdminLogon feature.

In Windows Vista/7, DefaultDomainName has to be specified as well, else Windows will prompt for invalid user name with the user name displayed as .\username. To do so, double click on DefaultDomainName, and specify the domain name of the user account. If it’s local user, specify local host name.

If the DefaultDomainName does not exist, create a new String Value (REG_SZ) registry key with value name as DefaultDomainName.

Double-click the AutoAdminLogon entry, type 1 in the Value Data box, and then click OK.

If there is no AutoAdminLogon entry, create a new String Value (REG_SZ) with AutoAdminLogon as the value name.

If it exists, delete the AutoLogonCount key.

Also if it exists, delete the AutoLogonChecked key.

Quit Registry Editor.

Click Start, click Restart, and then click OK.

Solution 2

Further to William Hilsum's answer, this method does not require you to leave the password in plain text in the registry (although I am not sure how the authentication is actually stored).

Step 1

As a local administrator, tell Windows to allow admins to log on automatically.

In Regedit, browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon. If it is not there, create a new String Value called AutoAdminLogon Set this value to 1

Step 2

Tell Windows to remember the password for logging in.

In the run box, type control userpasswords2 Ensure your domain username is in the list, if not, add it. Untick (or tick and untick): Users must enter a user name and password to use this computer. Make sure your username is selected. Click Apply.

At this point, Windows should prompt for the password that will be used.

Step 3

Now head back to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Ensure the following String Values are set, if not, set them:

DefaultUserName: Your domain username (without the domain prefix)
DefaultDomainName: Your domain

That should be it.

Note on password changes:

You will need to redo this procedure from step 2 each time you change your password. Unfortunately Windows resets the DefaultDomainName to your local machine name every time you save that dialogue, so you have to change it back manually.

Solution 3

Further to @Adam Millerchip's answer, we can reduce the password-change effort to what it was prior to joining a domain, when we always had to run control userpasswords2 again every time to store the new password. Now we're on a domain, we can just run a batch file instead that runs control userpasswords2 and also restores our domain and username registry settings:

AfterPwdChange.bat

control userpasswords2
pause
regedit /s WinLogonBit.reg

WinLogonBit.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="mydomainusername"
"DefaultDomainName"="mydomain"

And if the reason for wanting the auto-logon is to get startup programs running, we might still prefer the workstation to end up locked after power-up. If so, we can place a shortcut in the Startup folder with the following command:

C:\Windows\System32\rundll32.exe user32.dll,LockWorkStation

616,993

BinaryMisfit

Living in sunny Durban, South Africa, I have been actively involved in IT since 1995. I develop software for a major retail chain. When not in front of the computer I spend time with my family.

Updated on September 17, 2022

Comments

BinaryMisfit almost 2 years

When Windows 7 is joined to a domain the option to automatically login is no longer available in the advanced User Management console. Since I am running a small home domain because of SharePoint and TFS, how would I go about enabling this setting?

The HowToGeek Article here covers it however the options are disabled when joined to a domain.
jmtd about 13 years

I can confirm this works with a Windows 7 VM joined to the domain. I have mild concerns about how accessible the password in the registry is: no privileges are required to read those keys; but the VM is used soley by me, so hopefully it isn't too serious.
William Hilsum about 13 years

@jmtd - working, and security best practices are two separate things! I would only recommend this for a kiosk/guest/similar account.
Bacon Bits about 13 years

On a kiosk, you should use Group Policy to disable registry access to prevent users from accessing the logon password. The setting is User Config\Admin Templates\System\Prevent Access to Registry Editing Tools.
Josh M. over 11 years

It must have been SP1 of Windows 7 that got rid of the "userpasswords2" control panel applet. It doesn't seem to exist any more.
Adam Millerchip over 11 years

It works for me on SP1. Have you run it from the Run box as instructed? It's not listed in the control panel - you have to run it manually.
Josh M. over 11 years

It could be that I'm on a domain and that control panel applet is not available in that case. Not sure why, but it doesn't come up. I've been using control userpasswords2 since 2003 or so. ;-)
Adam Millerchip over 11 years

Just had a thought. As per the OP's link, did you also try netplwiz?
Ray Cheng almost 10 years

@AdamMillerchip, Microsoft stated that netplwiz does not work for domain members.
jmagnusson over 9 years

I prefer this answer as the password doesn't seem to be stored in plaintext. Worked for me in a domain environment on Win7 SP1.
Tmdean over 9 years

That's probably not the smartest way to do it. There are multiple ways to get at the registry without using regedit.exe. VBScript, PowerShell, the "reg" command, and probably more. I think it's a better idea to change the ACL on the registry key itself to prevent users from viewing it.
William Hilsum over 9 years

... To add to the little comment I made, if using this for a kios or similar, you would hopefully be using locked down software/a browser in kiosk mode or more so users wouldn't actually have access to the desktop...
SimonS over 7 years

FYI: This won't work if you have any third party identifier like in my case ekey (fingerprint logon software) - so you have to remove that program for this to work
Joseph over 5 years

What does this command do? Please explain and I’ll remove my downvote.
Rey Juna over 5 years

Welcome to SuperUser! You are posting to a question that was answered 9 years ago and by the votes it looks like that answer was very helpful. I'm not sure if your answer adds anything to this without further explanation of what this does. You will find that you will have a better experience if you take moment to take the Stack Overflow tour. If you follow the norms of the Stack Overflow community and approach it with an attitude of helping others too, it will serve you well.