Auto logon to domain?

[owoods]

Hi

Is it possible to remove the option to logon to the local machine from the logon screen? IE, all logons must be to the domain and if the DC is not available then that's tough luck.

Furthermore, can I specify this in my answer file/reg updates?

TIA

Oli

[InTheWayBoy]

Well if you don't create any local users, and disable the local admin account, then there is nothing for them to log into.

If you are doing a fresh install then you can add this to your *.sif:

DisableAdminAccountOnDomainJoin=1

Now I don't know if that will work unless you join the domain from within the *.sif, but it's a start. I think you can also disable the local admin through a Group Policy.

[owoods]

Thanks for your response, but I want to physically remove the box from the logon screen.

A lot of our users are not very computer orientated and I get lots of calls from users saying that they cannot logon - 99% of the time they are trying to logon locally with their domain account!

See my problem?

Ol

[mattofak]

I know there is a way to set the perferred domain via the GPO, but I cannot remember where in that mess it is... I think there is also a way to disable the whole dern select domain box from somewhere in the registry...

Hope the knowledge that something can be done helps, even though I cannot remember how to do it... srry

[ringfinger]

I believe you can do this with the W2k resource kit with the ntrights.exe command combined with GPOs.

M$ Site

Syntax