User creation with password and autologin after reboot

Here is the script I wrote:

$MyPassword = ConvertTo-SecureString (-join([char[]](33..122) | Get-Random -Count 10)) -AsPlainText -Force
new-localuser -name "Candidat" -Description "Compte Candidat" -password $MyPassword -UserMayNotChangePassword -AccountNeverExpires
Add-LocalGroupMember -Group 'Utilisateurs' -Member ('Candidat') –Verbose
# Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" -Name "DevicePasswordLessBuildVersion" -Value 0
$MyUsername = 'Candidat'
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "AutoAdminLogon" -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "DefaultUsername" -Value $MyUsername -type String 
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "DefaultPassword" -Value $MyPassword -type String 

Restart-Computer -Force

But It doesn't work, the session opening is not authorized.

English is a second language for me, sorry for mistakes

0 Comments   [ + ] Show comments

Answers (2)

Answer Summary:
Posted by: JordanNolan 1 year ago
10th Degree Black Belt

Top Answer

It is not working because your Default Password is being set to "System.Security.SecureString" exactly as the text, not the secure password you are trying to randomly create.   Change your first line to these two lines:

$GetRandom = -join([char[]](33..122) | Get-Random -Count 10)
$MyPassword = ConvertTo-SecureString ($GetRandom) -AsPlainText -Force

And change the line for setting the default password in the registry to:

Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "DefaultPassword" -Value $GetRandom -type String 

I will assume you already have a local security group called Utilisateurs

Posted by: tifred@007 1 year ago
White Belt

It just works, thanks a lot, it's been a week for me to idle on this script


here is the corrected script:

# Génération du mot de passe$GetRandom = -join([char[]](33..122) | Get-Random -Count 10)$MyPassword = ConvertTo-SecureString ($GetRandom) -AsPlainText -Force# Création utilisateurnew-localuser -name "Candidat" -Description "Compte Candidat" -password $MyPassword -UserMayNotChangePassword -AccountNeverExpiresAdd-LocalGroupMember -Group 'Utilisateurs' -Member ('Candidat') –Verbose$MyUsername = 'Candidat'# Activation AutologonSet-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "AutoAdminLogon" -Value 1Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "DefaultUsername" -Value $MyUsername -type String Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "DefaultPassword" -Value $GetRandom -type String Restart-Computer -Force
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ