Autologon still there after joining domain

OBrien9703 1 Reputation point
2023-08-25T22:49:05.59+00:00

Hello everybody,

I would like to ask some advice as I am having an issue with an Autologon I created in an "Unattend.xml" file from a custom Windows 11 Professional image I finalized using Sysprep.

Everything works fine for the first OOBE phase and Autologon is logging itself with a local account and executing a custom script as expected.
That being said, as soon as I join the computer to the domain, at next reboot Autologon is still trying to connect whereas I should get the logon screen with empty fields, ready to connect a domain account.

Here is the content of my "Unattend.xml" file, just in case :

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="generalize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
        </component>
    </settings>
    <settings pass="specialize">
        <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <Home_Page>http://intranet</Home_Page>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <RegisteredOrganization>My Company</RegisteredOrganization>
            <RegisteredOwner>My Company</RegisteredOwner>
            <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
            <TimeZone>Romance Standard Time</TimeZone>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>040c:0000040c</InputLocale>
            <SystemLocale>fr-FR</SystemLocale>
            <UILanguage>fr-FR</UILanguage>
            <UserLocale>fr-FR</UserLocale>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <AutoLogon>
                <Password>
                    <Value>TuG56ee10vga57e92764D==</Value>
                    <PlainText>false</PlainText>
                </Password>
                <Domain>.</Domain>
                <Enabled>true</Enabled>
                <LogonCount>1</LogonCount>
                <Username>Administrator</Username>
            </AutoLogon>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                <HideLocalAccountScreen>true</HideLocalAccountScreen>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <ProtectYourPC>3</ProtectYourPC>
            </OOBE>
            <RegisteredOrganization>My Company</RegisteredOrganization>
            <RegisteredOwner>My Company</RegisteredOwner>
            <FirstLogonCommands>
                <SynchronousCommand wcm:action="add">
                    <Order>1</Order>
                    <CommandLine>C:\Temp\Startup.exe</CommandLine>
                </SynchronousCommand>
            </FirstLogonCommands>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:d:/windows%2011%20professionnel%20pour%20les%20stations%20de%20travail%2022h2/install.wim#Windows 11 Pro for Workstations" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

The strange thing is that I never had this behaviour with a Windows 10 custom image.
Indeed, as soon as the computer joined the domain, then the standard Winlogon screen was appearing and registry entries for Autologon, password and default domain were automatically deleted (no GPO is configured for that actually).

Before I set an automatic script deleting the Autologon registry entries at first OOBE, I just preferred to ask first on this forum if I was not doing something wrong with my "Unattend.xml" file (the only thing I added is the automatic script running at startup).

Thanks in advance for your advice.

Fred

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,435 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. OBrien9703 1 Reputation point
    2023-08-27T17:25:19.6633333+00:00

    Hello everybody,

    I am replying to my own post and after further research, then I will apply this solution :

    https://learn.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-shell-setup-autologon-logoncount#logoncount-known-issue

    In addition, I will have to remove manually both "DefaultUser" and "DefaultPassword" entries once the OOBE has logged the Autologon account.

    Fred

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.