We've begun our migration to windows 7 and we ran into an interesting issue. When we hit "CTRL+ALT+DEL" we are brought to the "User selection Screen". Normally, this screen will have an icon for every local user for the machine. These machines are Domain members with "Fast User Switch" disabled so no user names are listed only the "Other User" option. If you click "Other User" or hit enter, the system moves on to the normal login screen where it prompts for user name and password.
Here's the issue: We want to find a way to skip over the part where a user selects "Other User". We essentially want the system to always assume that we always want "Other User" and to go directly to the login screen when a user hits "CTRL+ALT+DEL".
What I find odd is that the "Other User" doesn't show up until we've had more than one domain user log in. Right after we re-image the machine, the login process goes directly to the user credential prompt.
[EDIT]
Security Policies set by Active Directory:
- Interactive logon: Do not display last user name = Enabled
- Interactive login: Do not require CTRL + ALT + DEL = Disabled
[End Edit]
Anyone have any ideas?
-
Go to control panel -> Users -> Change the way users log on/off -> then uncheck the option that says use the welcome screen. That should give you the old style login box.
It's not quite as pretty as the "other user" option but it does save the extra mouse clicks.
Doltknuckle : I don't see the "Change the way users log on/off" option. This is a domain machine so I don't know if that makes a difference.Doltknuckle : Does this change a registry setting? This option is set to "not configured" in Group Policy on the Domain. Getting that changed would require justifying it to the head of IT, which is a pain.From Dan Kingdon -
The expected behavior is for your configuration - do not show last login - to work the way you're asking for it to, so something else is amiss. I've sometimes seen this behavior when there is a corrupted user profile entry in the registry. Look in
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileListand see if you have any profile ID duplicates that end in.bak. If you do, delete the one without the.bak, and remove the.bakfrom the other one. Log off, and the login screen should be back to normal. If this isn't the issue, post back and we'll see what else could be the problem.Doltknuckle : I only have the "S-1-5-18" through "S-1-5-20" keys as well as the five (5) "S-1-5-21" user accounts on this machine. There are no duplicates or ".bak" keys.nhinkle : Hm, odd. Do you have any custom credential providers registered? You might want to try exporting the `HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon` and `HKLM\Software\Microsoft\Windows\CurrentVersion\Policies` keys, then do a diff against the same export from a newly imaged machine, and see if there are any differences which might indicate what's being changed. Those two keys are where settings like hide last username, etc. are stored, so it could be something in there.nhinkle : Any luck finding any differences in those registry keys? Or any other solutions?From nhinkle -
Apply following GPO's: Group Policy Management
Create or select the "Default Domain Policy", Edit
Once the 'Group Policy Management Editor' is opened, make 4 modifications
Computer Config - Policies - Window Settings - Security Options - 'Interactive Login: Do not display last user name' = Enable
Computer Config - Policies - Window Settings - Security Options - 'Interactive Login: Do not require Ctrl+Atl+Del' = Disable
Then
Computer Config - Policies - Administrative Templates - Logon - 'Hide entery points for Fast User Switching' - Enable
Computer Config - Policies - Administrative Templates - Logon - 'Always use classic logon' - Enabled - Enable
Doltknuckle : The "Always use classic logon" only applies when the machine is not part of a domain if the description in gpedit is correct. These are Domain computers. Thanks for the suggestion though.From Ian Stockdale -
Did you find a solution to this problem? Its stopping me doing some automated load testing for Windows 7 in a VDI environment, my scripts cant handle the task of "Clicking on other user"
From Skippy
0 comments:
Post a Comment