Automatic Logon

The Automatic Logon feature allows a user to automatically log on to a Windows XP-based system every time the system boots using configured information, and disables the Control+Alt+Delete logon box.

Note   Enabling this component provides unrestricted access to this device to anybody who has physical access to the device or who can remotely view the device's registry. For more information about access provided by this component, read the detailed Notes section before you implement this feature. For more information about best practices for security, see Security in the Windows Embedded Studio Help.

Services

There are no services for this component.

Associated Components

This component requires the Windows Logon (Standard) component and is not useful in a Minlogon configuration.

Settings

The following table shows the settings that are available for this component.

Setting nameDefault settingDescription
Domain nameNoneThe name of the domain that the user account is in
User nameNoneThe name of the user account
PasswordNoneThe password of the user account, in clear text

Notes

If you add Automatic Logon capability to a Windows XP-based system, anyone who can physically access the computer can access everything that is on the device, including any network or networks that the device is connected to. In addition, if you enable automatic logon, the password is stored in the registry in plain text. The specific registry key that stores this value is remotely readable by the Authenticated Users group. As a result, using this setting is appropriate only if the computer is as physically secured as possible and if you ensure that untrusted users cannot remotely see the registry.

Adding the Automatic Logon component by itself does not provide domain participation functionality. Windows XP Embedded provides a Domain Participation macro component, which you can include in your configuration in Target Designer if your run-time image requires domain membership.

For automatic logon to domain to work, the following registry values must be manually added or corrected after FBA and after joining the domain, but before the reboot required after joining the domain:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName to someUser;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword to somePassword;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName to someDomain;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon to 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CachePrimaryDomain to someDomain


© 2006 Microsoft Corporation. All rights reserved.


Show: