Windows Server Hacks: Find Computers with Automatic Logon Enabled
Written expressly for system administrators, this book offers tips and techniques that go beyond the basic management tasks. The hack shown here will show you how to find out which machines on your network have automatic logon enabled.
Posted with permission of O'Reilly. Click here for a detailed description and to learn how to purchase this title.
Hack #76: Find Computers with Automatic Logon Enabled
Having automatic logon enabled on a computer can be a security risk. Here's a quick way to find out which machines on your network have automatic logon enabled.
ISBN: 0-596-00647-0
While enabling automatic logon [Hack #4] in Chapter 1 can be useful in certain scenarios, such as a test network, it can also be a security risk, especially if it is enabled on a computer without the administrator's knowledge. Here is a quick and dirty way to locate all machines that have automatic logon enabled in their Registry.
You'll need the following tools:
- The regfind.exe utility, which is available from the Windows NT/2000 resource kits.
- A list of machines to search, which can be obtained in many different ways (including an SMS report, server manager, etc.). The list should be a plain text file named serverlist.txt in the following format:
server1server2server3server4etc...
- A user account that has administrative rights to the Registry on the machines being queried. Typically, a domain administrator account will work just fine.
Create a batch file that will use the provided list and kick off regfind. For this we will use the FOR DOS command (all on one line - text is wrapped here to fit the constraints of the page):
for /F %%A in (serverlist.txt) do (regfind.exe -m \\%%A -p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n"Autoadminlogon" >results.txt)
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
Windows networking
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
logonexpert
Awesome hack! I use the logonexpert automatic logon tool to protect the password