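{ Stores Password as the LSA private data item 'DefaultPassword' on Server.

  Parameters:
    Server   - machine whose LSA policy is opened; presumably an empty string
               targets the local machine (confirm against the LsaOpenPolicy
               binding used by this unit).
    Password - value written as the private data.

  Returns True when both LsaOpenPolicy and LsaStorePrivateData report
  success, otherwise False.

  Security note: the policy is opened with POLICY_CREATE_SECRET only, which
  is the narrowest access this call sequence needs. The stored secret is
  hidden from ordinary users, but code running with administrative or SYSTEM
  rights on the machine can recover it, so the account used for automatic
  logon should hold as few privileges as possible. }
function SetWinlogonPassword(
  const Server, Password: WideString): Boolean;
var
  oa         : TLSAObjectAttributes;
  hPolicy    : LSA_HANDLE;
  usServer   : TLSAUnicodeString;
  usKeyName  : TLSAUnicodeString;
  usPassword : TLSAUnicodeString;
  Status     : NTSTATUS;
begin
  ZeroMemory(@oa, SizeOf(oa));
  oa.Length := SizeOf(oa);

  RtlInitUnicodeString(@usServer, PWideChar(Server));
  Status := LsaOpenPolicy(usServer, oa, POLICY_CREATE_SECRET, hPolicy);

  // Only a successfully opened policy handle is closed. The previous layout
  // called LsaClose on an uninitialised hPolicy whenever LsaOpenPolicy failed.
  if NT_SUCCESS(Status) then
  begin
    try
      RtlInitUnicodeString(@usKeyName, 'DefaultPassword');
      RtlInitUnicodeString(@usPassword, PWideChar(Password));
      Status := LsaStorePrivateData(hPolicy, usKeyName, usPassword);
    finally
      LsaClose(hPolicy);
    end;
  end;

  Result := NT_SUCCESS(Status);
end;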
////////////////////////////////////////////////////////////////////////////////
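{ Configures automatic logon in the Winlogon registry key on Server.

  Parameters:
    Server   - machine whose HKEY_LOCAL_MACHINE hive is opened; the same value
               is also written as DefaultDomainName (deleted when empty).
    Activate - requested state of AutoAdminLogon.
    Username - written as DefaultUserName (deleted when empty).
    Password - handed to SetWinlogonPassword, which stores it as an LSA
               secret rather than in the registry.

  Returns True only when the Winlogon key could be opened for writing and
  SetWinlogonPassword succeeded.

  The results of the individual registry writes are not checked here.

  NOTE(review): the secret is written even when Activate is False; consider
  whether deactivation should clear the stored secret instead - confirm the
  intended behaviour with the callers. }
function SetAutoWinlogon(Server: WideString; Activate: Boolean; Username, Password: WideString): Boolean;
var
  reg : TMpuRegistry;
begin
  Result := False;
  reg := TMpuRegistry.CreateW(Server, HKEY_LOCAL_MACHINE);
  if Assigned(reg) then
  try
    reg.Connect;
    if reg.OpenKeyW('Software\Microsoft\Windows NT\CurrentVersion\Winlogon', KEY_WRITE) = 0 then
    begin
      // Username
      if Username <> '' then
        reg.WriteStringW('DefaultUserName', Username)
      else
        reg.DeleteValueName('DefaultUserName');

      // Domain
      if Server <> '' then
        // TODO: full unicode support
        reg.WriteStringW('DefaultDomainName', Server)
      else
        reg.DeleteValueName('DefaultDomainName');

      // Store the password as an LSA secret. The WideStrings are passed
      // directly; the earlier round trip through TLSAUnicodeString buffers
      // produced the same values.
      Result := SetWinlogonPassword(Server, Password);

      // Remove any plaintext password from the registry value, whether or
      // not the secret could be stored.
      reg.DeleteValueName('DefaultPassword');

      // Enable autologon only when it was requested AND the secret was
      // stored. Previously AutoAdminLogon was set to 1 even after a failed
      // store, leaving autologon enabled against a missing or stale secret
      // while the function returned False.
      reg.WriteString('AutoAdminLogon', IntToStr(Ord(Activate and Result)));
    end;
  finally
    reg.Free;
  end;
end;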