27 March 2013

Interactive Login Legal Notice Removal

Most corporate are at some point required to show a legal notice prior to logging on to a computer.  This is normally configured by group policy.


The settings are under - Computer Configuration - Policies - Security - Local Policies - Security Options:

  • Interactive logon: Message test for users attempting to log on
  • Interactive logon: Message Title for users to attempt to log on 




By default these values are blank, and as such the screen is not displayed at logon time.  When these fields have a value, it writes it to the registry and thus causes the notice to be displayed.

The problem comes in if you want to remove the legal notice from a machine.
If the policies does not define a value or a value of "" nothing is written to the registry.

So the registry setting written by a policy cannot be erased by another policy.  To fix this you have to manually go and clean up the registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption"=""
"LegalNoticeText"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"legalnoticecaption"=""
"legalnoticetext"=""

Remeber - to make this a permanent fix you need to ensure that there is no GPO is re-enforcing the legal notice.

No comments:

Post a Comment