NT Gatekeeper: Changing the Last Logged-On User Account Name


My Help desk administrators often go to a user's office to resolve a technical problem. In most cases, the Help desk administrators use their administrator Windows NT 4.0 domain account to log on to the user's machine. Often, shortly after they leave a user's office, an administrator gets another Help desk call because the user can no longer log on to the domain. Users forget to reenter their user accounts in the logon dialog box. (NT 4.0 always remembers the last logged account—in this case, the administrator account.) How can I automatically restore the user's account after an administrator's intervention?

NT remembers the last logged account by storing it in the registry. NT stores the account in the DefaultUserName value in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon registry subkey.

To eliminate the additional Help desk calls, you must teach your administrators how to change the DefaultUserName value back to the original user account. To change the value, use regedit or regedt32 to change the value back to the original account manually.

You can also make your administrators' lives easier by providing a predefined registry file (*.reg) or a batch file on some central share that only administrators can access. The registry file should contain the text


  crosoft\Windows NT  CurrentVersion\Winlogon\]

At the end of the intervention, the administrator can copy the text (which changes FILLINUSERNAMEHERE to the original user account) to the user machine, save it, and execute it by double-clicking it. An alternative is to provide a batch file such as the one Listing 1 shows on a central share. Name the file resetuser.bat. At the end of the intervention, the administrator simply runs

resetuser %UserName%

where %UserName% is the original user account, from the command prompt to write the original user account back to the registry.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.