AutoLogon.psm1
|
#Define ASCII Characters $Equals = [Char]61 $Space = [Char]32 $SingleQuote = [Char]39 $DoubleQuote = [Char]34 $NewLine = "`n" #Load WMI Classes $OperatingSystem = Get-WmiObject -Namespace "root\CIMv2" -Class "Win32_OperatingSystem" -Property * | Select * #Define Functions #Set The Value Of A Registry Path Function Set-RegistryValue { [CmdletBinding(SupportsShouldProcess=$True)] Param ( [Parameter(Mandatory=$True)] [ValidateScript({$_ -like "HK*:*"})] [String]$Path, [Parameter(Mandatory=$True)] [String]$Name, [Parameter(Mandatory=$True)] $Value, [Parameter(Mandatory=$True)] [ValidateSet("Binary","DWord","ExpandString","MultiString","String","QWord")] [String]$ValueType ) $PSDrive_Name = $Path.Split(":")[0] If ($PSDrive_Name -eq "HKCR") {$PSDrive_Root = "HKEY_CLASSES_ROOT"} If ($PSDrive_Name -eq "HKCU") {$PSDrive_Root = "HKEY_CURRENT_USER"} If ($PSDrive_Name -eq "HKLM") {$PSDrive_Root = "HKEY_LOCAL_MACHINE"} If ($PSDrive_Name -eq "HKU") {$PSDrive_Root = "HKEY_USERS"} If ($PSDrive_Name -eq "HKCC") {$PSDrive_Root = "HKEY_CURRENT_CONFIG"} If (!(Get-PSDrive -Name $PSDrive_Name -PSProvider Registry -ErrorAction SilentlyContinue)) {$PSDrive_Create = New-PSDrive -Name $PSDrive_Name -Root $PSDrive_Root -PSProvider Registry} If (!(Test-Path -Path $Path -ErrorAction SilentlyContinue)) { New-Item -Path $Path -Force | Out-Null } New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $ValueType -Force | Out-Null If ($? -eq $True) { Write-Verbose -Message "Set-RegistryValue: `"$($Name)`" of type `"$($ValueType)`" with value of `"$($Value)`" in path `"$($Path)`" was successful" } Else { Write-Error -Message "Set-RegistryValue: `"$($Name)`" of type `"$($ValueType)`" with value of `"$($Value)`" in path `"$($Path)`" was unsuccessful" } } <# .Synopsis This powershell Cmdlet enables AutoLogon the next time the device reboots. Can be configured to only require a logoff. Additionally, a command can executed upon login. -Domain : Provide the domain of the user to be logged in. Default is the local workstation. -Username : Provide the username that the system will use to login. -Password : Provide the password for the username provided. Must be of type [System.Security.SecureString]. -LogonCount : Sets the number of times the system would reboot without asking for credentials. Default is 1. -ForceAutoLogon : Force auto logon without a restart. A logoff would be sufficient. -AsynchronousRunOnce : Allows the Windows interface to load while running the command specified in the command parameter. -Command : Provide the command that will be executed after the device is restarted. Example : $($PSHome)\powershell.exe -ExecutionPolicy Bypass -NoLogo -WindowStyle Normal -File `"$($Env:Windir)\Temp\MyPowershellScript.ps1`" .Description Enables AutoLogon. .Example $SecurePassword = ConvertTo-SecureString -String "" -AsPlainText -Force Enable-AutoLogon -Username "Administrator" -Password $SecurePassword .Example $SecurePassword = ConvertTo-SecureString -String "" -AsPlainText -Force Enable-AutoLogon -Username "Administrator" -Password $SecurePassword -LogonCount "3" .EXAMPLE $SecurePassword = ConvertTo-SecureString -String "" -AsPlainText -Force Enable-AutoLogon -Username "Administrator" -Password $SecurePassword -Command "$($PSHome)\powershell.exe -ExecutionPolicy Unrestricted -NoLogo -WindowStyle Maximized -File `"$($Env:Windir)\Temp\MyPowershellScript.ps1`"" .EXAMPLE $SecurePassword = ConvertTo-SecureString -String "" -AsPlainText -Force Enable-AutoLogon -Username "Administrator" -Password $SecurePassword -AsynchronousRunOnce -Command "$($PSHome)\powershell.exe -ExecutionPolicy Unrestricted -NoLogo -WindowStyle Maximized -File `"$($Env:Windir)\Temp\MyPowershellScript.ps1`"" #> Function Enable-AutoLogon { [CmdletBinding()] Param ( [Parameter(Mandatory=$False,ValueFromPipeline=$True,Position=0)] [Alias("DMN")] [String]$Domain = "$($Env:Computername)", [Parameter(Mandatory=$False,ValueFromPipeline=$True,Position=1)] [Alias("UN")] [String]$Username = "$($Env:Username)", [Parameter(Mandatory=$True,ValueFromPipeline=$True,Position=2)] [Alias("PW")] [ValidateNotNullOrEmpty()] [System.Security.SecureString]$Password, [Parameter(Mandatory=$False,ValueFromPipeline=$True,Position=3)] [AllowEmptyString()] [Alias("LC")] [UInt32]$LogonCount = "1", [Parameter(Mandatory=$False,ValueFromPipeline=$True,Position=4)] [Alias("FAL")] [Switch]$ForceAutoLogon, [Parameter(Mandatory=$False,ValueFromPipeline=$True,Position=5)] [Alias("ASRO")] [Switch]$AsynchronousRunOnce, [Parameter(Mandatory=$False,ValueFromPipeline=$True,Position=6)] [AllowEmptyString()] [Alias("Script")] [String]$Command = "$($PSHome)\powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoExit -WindowStyle Maximized" ) Begin { $RegistryPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" $RegistryRunOncePath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" $RegistryAsynchronousRunOncePath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" } Process { Try { [String]$UnsecurePassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password)) Set-RegistryValue -Path $RegistryPath -Name "AutoAdminLogon" -Value "1" -ValueType String -Verbose Set-RegistryValue -Path $RegistryPath -Name "DefaultUsername" -Value $Username -ValueType String -Verbose Set-RegistryValue -Path $RegistryPath -Name "DefaultPassword" -Value $UnsecurePassword -ValueType String Set-RegistryValue -Path $RegistryPath -Name "DefaultDomainName" -Value $Domain -ValueType String -Verbose If ($PSBoundParameters.ContainsKey("LogonCount")) { Set-RegistryValue -Path $RegistryPath -Name "AutoLogonCount" -Value $LogonCount -ValueType Dword -Verbose } Else { Set-RegistryValue -Path $RegistryPath -Name "AutoLogonCount" -Value $LogonCount -ValueType Dword -Verbose } If ($PSBoundParameters.ContainsKey("Command")) { Set-RegistryValue -Path $RegistryRunOncePath -Name "(Default)" -Value $Command -ValueType String -Verbose } Else { Set-RegistryValue -Path $RegistryRunOncePath -Name "(Default)" -Value "" -ValueType String -Verbose } If ($ForceAutoLogon.IsPresent) { Set-RegistryValue -Path $RegistryPath -Name "ForceAutoLogon" -Value "1" -ValueType String -Verbose } Else { Set-RegistryValue -Path $RegistryPath -Name "ForceAutoLogon" -Value "0" -ValueType String -Verbose } If ($AsynchronousRunOnce.IsPresent) { Set-RegistryValue -Path $RegistryAsynchronousRunOncePath -Name "AsyncRunOnce" -Value "1" -ValueType Dword -Verbose } Else { Set-RegistryValue -Path $RegistryAsynchronousRunOncePath -Name "AsyncRunOnce" -Value "0" -ValueType Dword -Verbose } } Catch { Write-Output -InputObject $Error } } } <# .Synopsis This powershell Cmdlet disables AutoLogon completely. .Description Disables AutoLogon. .Example Disable-AutoLogon #> Function Disable-AutoLogon { Begin { $RegistryPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" $RegistryRunOncePath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" $RegistryAsynchronousRunOncePath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" } Process { Try { Set-RegistryValue -Path $RegistryPath -Name "AutoAdminLogon" -Value "0" -ValueType String -Verbose Set-RegistryValue -Path $RegistryPath -Name "DefaultUsername" -Value "" -ValueType String -Verbose Set-RegistryValue -Path $RegistryPath -Name "DefaultPassword" -Value "" -ValueType String -Verbose Set-RegistryValue -Path $RegistryPath -Name "DefaultDomainName" -Value "" -ValueType String -Verbose Set-RegistryValue -Path $RegistryPath -Name "AutoLogonCount" -Value "" -ValueType Dword -Verbose Set-RegistryValue -Path $RegistryPath -Name "ForceAutoLogon" -Value "0" -ValueType String -Verbose Set-RegistryValue -Path $RegistryRunOncePath -Name "(Default)" -Value "" -ValueType String -Verbose If ([Version]($OperatingSystem.Version) -lt [Version]"10.0") { Set-RegistryValue -Path $RegistryAsynchronousRunOncePath -Name "AsyncRunOnce" -Value "0" -ValueType Dword -Verbose } ElseIf ([Version]($OperatingSystem.Version) -ge [Version]"10.0") { Set-RegistryValue -Path $RegistryAsynchronousRunOncePath -Name "AsyncRunOnce" -Value "1" -ValueType Dword -Verbose } } Catch { Write-Output -InputObject $Error } } } #Export Module Functions Export-ModuleMember -Function "Enable-Autologon", "Disable-AutoLogon" |