5

With Windows XP I used to run a VBS script after using a clients computer to set their user account as the last logged on user.

Unfortunately the script no longer works in Windows 7. (Resulting in some users locking out my account when they try to log on and find that their password is not the same as mine!)

Here is an example of the script I was using:

http://www.itsupportguides.com/vbs-scripts/using-vbs-to-set-the-last-user-logged-on-windows-xp

EDIT : Additional Information on our environment

Our environment:

  • UAC Enabled
  • Logging on as 'itsupport' account, which is a member of the Local Administrators group
  • All systems now have Windows 7 Enterprise installed
  • All systems are joined to an Active Directory domain
Improve this question
2
  • 1
    Do you have UAC enabled? If so, are you running the script with administrator privileges?
    – Bacon Bits
    Commented Jun 13, 2011 at 1:18
  • UAC is enabled. I've tried running the script with Administrator rights. Script runs successfully and I can see the changed made to the registry, however after restarting or logging of Windows 7 still shows 'itsupport' as the last logged on user. I've added additional information about our enviroment (pretty standard)
    – ovann86
    Commented Jun 13, 2011 at 1:51

3 Answers 3

Reset to default
4

Thank you to those that helped with this issue.

After some further research I found that Windows 7 does not use the same 'Winlogon' registry key for storing the last loggedon user, insead it uses 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\LastLoggedOnUser

The second issue I had was allowing making the VBS script run as an elivated user (Administrator) without having to use 'runas' or an elevated command prompt.

After some trial and error I created the following script which successfully changes the last logged on user for domain added Windows 7 workstations.

Hopefully others here will find it helpful - I know I will!

Set Last Loggedon - Win7.vbs

    '--------------
'Start of UAC workaround code

If WScript.Arguments.length =0 Then
  Set objShell = CreateObject("Shell.Application")

  objShell.ShellExecute "wscript.exe", Chr(34) & _
  WScript.ScriptFullName & Chr(34) & " uac", "", "runas", 1
Else

'--------------
'Start of code

    dim WSHShell
    Set WSHShell = Wscript.CreateObject("WScript.Shell")
    dim strRegKey
    strComputerName = wshShell.ExpandEnvironmentStrings( "%COMPUTERNAME%" )
    strRegKey = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\"

    StrUser = InputBox("Please enter in username," & vbCrLf & vbCrLf & "e.g. joe.local", "Set Last logged on", "UserName")
    StrDomain = InputBox("Please enter in domain for logon," & vbCrLf & vbCrLf & "e.g. DOMAIN", "Set Logon Domain OR leave blank if a local user account")

    If StrDomain = "" then
         StrDomain = "."
       Else
    End If

    wshShell.RegWrite strRegKey & "LastLoggedOnUser", StrDomain & "\" & StrUser, "REG_SZ"

        WScript.Echo "Setup Completed. Please restart the computer to complete the process"

    '--------------
    'End of code


    '--------------
    'End of UAC workaround code

    End If

Full Source: Windows 7 - VBS script to change last user logged on user

Improve this answer
2
  • 1
    Great resource. While we use the similar GPO setting, this makes more sense for computers where typically only one user ever logs in.
    – surfasb
    Commented Jul 23, 2011 at 1:55
  • EXCELLENT! Script works but the user's profile picture doesn't change. Cannot be used for stealth.
    – user179773
    Commented Dec 12, 2012 at 13:25
2

I'm guessing that Windows 7 is configuring the registry sometime after you run the script. Likely when you log out. You could do something like storing the username in the registry under a custom key (HKLM\Software\MyCompany is pretty common). Then you make a Shutdown or Startup script which does:

  1. Read the username from a value in the custom key. If it's blank, do nothing and quit.
  2. Set the HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WINLOGON\ values to use this username.
  3. Blank the username value in the custom registry key.

It depends on when Windows is populating that registry key and how it's determining the last logged on user. You can use remote registry (either regedit or reg.exe) to determine the data in the WinLogon values.

Improve this answer
0

I did some testing on my Win 7 x64 Enterprise machine. The script can be launched by a user without administsrative rights, and all prompts are correctly displayed. The trick is to launch the script under a account with local admin rights AND with the administrative access token requested (by default a local admin user doesn't have full admin rights prior to the request).

To correctly run your script, launch cmd with admin rights (Start, enter CMD in start menu search, right click cmd and choose 'Run as administrator') and then launch your script from within this CMD window.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .