In November 2012 Microsoft released an update for Windows 8 and Server 2012 (KB2770917) that added the ability to “Enable enterprise customers to customize the default lock screen.” This meant the addition of a Group Policy that enabled control of the Lock Screen.
Although specifically for enterprise customers, I was looking for a way to programmatically change the Lock Screen across all install types – so I began to investigate. Sure enough, after installing the update, the option to “Force a specific default lock screen image” appeared in Group Policy. Although I could set this policy, as highlighted below, it would only be applied on domain-joined or enterprise machines.
I traced the checking of this policy back to Windows.UI.Immersive.dll in the %SYSTEMROOT%\System32 directory. As of the November update a function named LockScreenPathFromGroupPolicy() made an appearance in this DLL. Roughly translated the function looks like this:
The EnterpriseCustomizationAllowed() function is also a new addition, with LockScreenPathFromGroupPolicy() currently being the only function that makes this check.
From here it was a matter of removing this check and letting the function follow on whether the user was in an enterprise setting or not. In assembly, the check looks like the following:
To remove the check, open Windows.UI.Immersive.dll in your favourite editor and NOP (0x90) 9 bytes at offset 0x4607A (x86) or 0x560A5 (x64).
I have found no reason why this policy is “enterprise only” and have experienced no side effects from performing the above mentioned patch, however, your mileage may vary.