Windows Server Hacks: Find Computers with Automatic Logon Enabled
Written expressly for system administrators, this book offers tips and techniques that go beyond the basic management tasks. The hack shown here will show you how to find out which machines on your network have automatic logon enabled.
Posted with permission of O'Reilly. Click here for a detailed description and to learn how to purchase this title.
Hack #76: Find Computers with Automatic Logon Enabled
Having automatic logon enabled on a computer can be a security risk. Here's a quick way to find out which machines on your network have automatic logon enabled.
ISBN: 0-596-00647-0
While enabling automatic logon [Hack #4] in Chapter 1 can be useful in certain scenarios, such as a test network, it can also be a security risk, especially if it is enabled on a computer without the administrator's knowledge. Here is a quick and dirty way to locate all machines that have automatic logon enabled in their Registry.
You'll need the following tools:
- The regfind.exe utility, which is available from the Windows NT/2000 resource kits.
- A list of machines to search, which can be obtained in many different ways (including an SMS report, server manager, etc.). The list should be a plain text file named serverlist.txt in the following format:
server1server2server3server4etc...
- A user account that has administrative rights to the Registry on the machines being queried. Typically, a domain administrator account will work just fine.
Create a batch file that will use the provided list and kick off regfind. For this we will use the FOR DOS command (all on one line - text is wrapped here to fit the constraints of the page):
for /F %%A in (serverlist.txt) do (regfind.exe -m \\%%A -p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n"Autoadminlogon" >results.txt)
You can see that we are simply parsing the serverlist.txt file for each server name, then instructing regfind to locate that Registry key. There are two caveats, though. First, the results can be hard to read while the search is going on. It is recommended that you pipe the results to a text file (the preceding example does this). Second, regfind is case-sensitive. This can make the search a bit longer, but it's still fairly easy. Instead of just a one-line batch file, you simply have a few more (almost identical) lines. A larger sample of the completed batch file looks something like this (again, all on one line -- beware of line wrap):
for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "Autoadminlogon" >results.txt)for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "AutoadminLogon" >results.txt)for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "AutoAdminlogon" >results.txt)for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "AutoAdminLogon" >results.txt)for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "autoAdminlogon" >results.txt)for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "autoadminlogon" >results.txt)for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "autoAdminLogon" >results.txt)for /F %%A in (serverlist.txt) do (c:\work\adminlogon\regfind.exe -m \\%%A-p "hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon" -n "autoadminLogon" >results.txt)
Using this method, you can scan a select list of workstations/servers for this key fairly quickly.
Hacking the Hack This procedure can easily be modified to find out other Registry keys as well, simply by changing the key name to search for. Enjoy!
—Donnie Taylor
More Windows Server Hacks
O'Reilly
Build your tech library with our book giveaways.
Windows PowerShell 2.0 Unleashed
By Tyson Kopczynski, Pete Handley, Marco Shaw; Published by Sams
Windows PowerShell Unleashed will not only give you deep mastery over PowerShell but also a greater understanding of the features being introduced in PowerShell 2.0–and show you how to use it to solve your challenges in your production environment. Enter now!
Ubuntu Server Administration
By Michael Jang; Published by McGraw-Hill Osborne Media
Realize a dynamic, stable, and secure Ubuntu Server environment with expert guidance, tips, and techniques from a Linux professional. Ubuntu Server Administration covers every facet of system management -- from users and file systems to performance tuning and troubleshooting. Enter now!
