Forum Discussion
Disable Windows automatic redeployment at logon screen
Looking for a way to disable the automatic redeployment screen from ever showing up. I have been unable to find a GPO, registry setting, DISM or powershell command that can do this. It is a scree that will show up once windows auto logon is disabled on our multi-user domain computers. The devices are running 1709 (FCU) and if you click sign-in options it will show the normal login, but if you enter a admin account it will reset windows to factory. We are using SCCM but not Intune.
8 Replies
- After updating the BIOS on a Dell PC running W10 Pro under Intune management, I was presented with the Redeploy Windows option at the login screen. It was not requested and not wanted. The PC is currently resetting.
We ran in to the same issue when I installed Imprivata Onesign it must have enabled the auto logon. I was not sure what had ha-pend at first. as soon as i uninstalled the software i was able to click other user to sign in again. have not found a work around yet.
- We called Imprivata. The first guy we got didn't know anything about what we were talking about, and told us it was a Microsoft Windows 10 problem (well, sure -- but it is being planted by Imprivata).
We called 30 minutes later, after we discovered that it was only happening on Imprivata 5.4 and higher (and not 5.3).
They have internal KB articles that they don't share with the world. Here's the answer to this problem according to their internal KB:
----------------------------------------------
ONE-SIGN AGENT ENABLES WINDOWS REDEPLOYMENT FEATURE ON ENDPOINTS THAT HAVE WINDOWS 10 1709 INSTALLED: (DEFECT #SER-4807)
1.) Run Regedit on the Windows 10 Endpoint.
2.) Navigate to [HKLM]\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
3.) Rename “Wrapper for Automatic Redeployment Credential Provider” with the following GUID
{11660363-49E2-4F87-AB2E-FD210019AE88} by adding an "_" at the front so the string should look like this:
_{11660363-49E2-4F87-AB2E-FD210019AE88}
This will prevent the issue from happening. Now you can reboot the Windows 10 machine and the redeployment option will not come back.
If the above workaround does not resolve the issue then follow the workaround below, but this should not be necessary:
After installing the Agent, but before rebooting* (do not allow the installer to reboot yet), rename the whole registry key:
{11660363-49E2-4F87-AB2E-FD210019AE88}
to something else. Then reboot, and you should not be forced into Windows Automatic Redeployment.
Here is the key, as originally installed by the Agent:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{11660363-49E2-4F87-AB2E-FD210019AE88}]
@="OneSign Wrapper for Automatic Redeployment Credential Provider"
"WrappedCLSID"="
{01A30791-40AE-4653-AB2E-FD210019AE88}
-------------------------------------------------------
We deployed this change as an Update via GPO Local Machine registry.Thanks Michael. I pasted the first part of you message that worked for me. The one comment I would make is that I don’t think the key existed until I loaded the Imprivata software. Then, when it asked to reboot I did the registry edit. I am perplexed why there isn’t more complaints on the web about this issue.
Thanks again.
----------------------------------------------
ONE-SIGN AGENT ENABLES WINDOWS REDEPLOYMENT FEATURE ON ENDPOINTS THAT HAVE WINDOWS 10 1709 INSTALLED: (DEFECT #SER-4807)
1.) Run Regedit on the Windows 10 Endpoint.
2.) Navigate to [HKLM]\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
3.) Rename “Wrapper for Automatic Redeployment Credential Provider” with the following GUID
{11660363-49E2-4F87-AB2E-FD210019AE88} by adding an "_" at the front so the string should look like this:
_{11660363-49E2-4F87-AB2E-FD210019AE88}
This will prevent the issue from happening. Now you can reboot the Windows 10 machine and the redeployment option will not come back
Same here - as soon as we use autologon automatic redeploy gets activated
- I have the exact same issue - for some reason the login screen defaults to automatically redeploy instead of user login. I too can't seem to figure out a way to get this changed.
