NT Gatekeeper: Changing the Last Logged-On User Account Name

My Help desk administrators often go to a user's office to resolve a technical problem. In most cases, the Help desk administrators use their administrator Windows NT 4.0 domain account to log on to the user's machine. Often, shortly after they leave a user's office, an administrator gets another Help desk call because the user can no longer log on to the domain. Users forget to reenter their user accounts in the logon dialog box. (NT 4.0 always remembers the last logged account—in this case, the administrator account.) How can I automatically restore the user's account after an administrator's intervention?

NT remembers the last logged account by storing it in the registry. NT stores the account in the DefaultUserName value in the HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon registry subkey.

To eliminate the additional Help desk calls, you must teach your administrators how to change the DefaultUserName value back to the original user account. To change the value, use regedit or regedt32 to change the value back to the original account manually.

You can also make your administrators' lives easier by providing a predefined registry file (*.reg) or a batch file on some central share that only administrators can access. The registry file should contain the text

REGEDIT4[HKEY_LOCAL_MACHINESOFTWAREMi  crosoftWindows NT  CurrentVersionWinlogon]"DefaultUserName"="FILLINUSERNAMEHERE"

At the end of the intervention, the administrator can copy the text (which changes FILLINUSERNAMEHERE to the original user account) to the user machine, save it, and execute it by double-clicking it. An alternative is to provide a batch file such as the one Listing 1 shows on a central share. Name the file resetuser.bat. At the end of the intervention, the administrator simply runs

resetuser %UserName%

where %UserName% is the original user account, from the command prompt to write the original user account back to the registry.