diff --git a/modules/utilities/unix/labtainers/files/labtainer.files/modified-install-docker-debian.sh b/modules/utilities/unix/labtainers/files/labtainer.files/modified-install-docker-debian.sh
index 4203d5e40..93f0a62a1 100755
--- a/modules/utilities/unix/labtainers/files/labtainer.files/modified-install-docker-debian.sh
+++ b/modules/utilities/unix/labtainers/files/labtainer.files/modified-install-docker-debian.sh
@@ -32,8 +32,8 @@ END
 # sudo apt-get -y --allow-unauthenticated install docker-ce
 
 #gives user access to docker commands
-sudo groupadd docker
-sudo usermod -aG docker $USER
+# sudo groupadd docker
+# sudo usermod -aG docker $USER
 
 #enables and starts docker
 # sudo systemctl start docker
diff --git a/modules/utilities/unix/labtainers/manifests/config.pp b/modules/utilities/unix/labtainers/manifests/config.pp
index f3e2d22bf..071c9e7e7 100644
--- a/modules/utilities/unix/labtainers/manifests/config.pp
+++ b/modules/utilities/unix/labtainers/manifests/config.pp
@@ -3,11 +3,67 @@ class labtainers::config{
 
   $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
   $lab = $secgen_parameters['lab'][0]
+  $accounts = $secgen_parameters['accounts']
 
-  # TODO: don't raise an error for now
-  exec { 'start lab':
-    command  => "/opt/labtainers/labtainer-student/labtainer $lab | true",
-    provider => shell,
+  # Set.up labtainers for each user account
+  unless $accounts == undef {
+    $accounts.each |$raw_account| {
+      $account = parsejson($raw_account)
+      $username = $account['username']
+      # set home directory
+      if $username == 'root' {
+        $home_dir = "/root"
+      } else {
+        $home_dir = "/home/$username"
+      }
+      $labtainer_dir = "$home_dir/labtainer"
+
+      file { ["$home_dir/",
+        "$labtainer_dir"]:
+        ensure  => directory,
+        owner   => $username,
+        group   => $username,
+      } ->
+
+      file { "$labtainer_dir/labtainer-student":
+        ensure => 'link',
+        target => '/opt/labtainers/scripts/labtainer-student',
+      }
+
+      file_line { 'patch_path_labtainers':
+        path  => "$home_dir/.profile",
+        line  => 'export PATH=/opt/labtainers/scripts/labtainer-student/bin:/opt/labtainers/scripts/labtainer-student/lab-bin/:/opt/labtainers/setup_scripts/trunk/scripts/designer/bin:$PATH',
+      }
+      file_line { 'patch_path_labtainers_dir':
+        path  => "$home_dir/.bashrc",
+        line  => 'export LABTAINER_DIR="/opt/labtainers/"',
+      }
+
+      # autostart script
+      file { ["$home_dir/.config/", "$home_dir/.config/autostart/"]:
+        ensure => directory,
+        owner  => $username,
+        group  => $username,
+      }
+
+      file { "$home_dir/.config/autostart/auto_start_lab.desktop":
+        ensure => file,
+        content => template('labtainers/auto_start_lab.desktop.erb'),
+        owner  => $username,
+        group  => $username,
+      }
+
+      exec { 'download labs':
+        command  => "sudo -u $username /opt/labtainers/setup_scripts/pull-all.sh",
+        cwd => "/opt/labtainers/setup_scripts/",
+        provider => shell,
+      } ->
+      exec { 'start lab':
+        command  => "sudo -u $username bash -c 'source ~/.profile; echo -e \"email@addre.ss\\n\\n\" | /opt/labtainers/scripts/labtainer-student/bin/labtainer $lab -q'",
+        cwd => "/opt/labtainers/scripts/labtainer-student/",
+        provider => shell,
+      }
+    }
   }
 
 }
diff --git a/modules/utilities/unix/labtainers/manifests/install.pp b/modules/utilities/unix/labtainers/manifests/install.pp
index 4abd1074c..ceb7ebd27 100644
--- a/modules/utilities/unix/labtainers/manifests/install.pp
+++ b/modules/utilities/unix/labtainers/manifests/install.pp
@@ -6,27 +6,32 @@ class labtainers::install{
 
 
   # these are also installed by the install script, but good to use puppet where possible
-  package { ['apt-transport-https', 'ca-certificates', 'curl', 'gnupg2', 'software-properties-common', 'python-pip', 'openssh-server']:
+  package { ['apt-transport-https', 'ca-certificates', 'curl', 'gnupg2', 'software-properties-common', 'python-pip', 'openssh-server', 'python-netaddr', 'python-parse', 'python-dateutil', 'okular', 'gnome-terminal']:
     ensure   => 'installed',
   } ->
 
   file { '/opt/labtainers':
     ensure => directory,
     recurse => true,
-    source => 'puppet:///modules/labtainers/Labtainer-master',
-    mode   => '0766',
+    source => 'puppet:///modules/labtainers/Labtainers-master',
+    mode   => '0777',
     owner => 'root',
     group => 'root',
   } ->
-  file { '/opt/labtainers/setup_scripts/modified-install-docker-debian.sh':
-    source => 'puppet:///modules/labtainers/labtainer.files/modified-install-docker-debian.sh',
-    mode   => '0766',
-    owner => 'root',
-    group => 'root',
+
+  # not sure why this is required in our environment, but this fixes the script on our VM builds
+  file_line { 'patch_build_image':
+    path  => '/opt/labtainers/scripts/labtainer-student/bin/buildImage.sh',
+    line  => '#shift 1 -- SecGen fix',
+    match => 'shift 1',
   } ->
-  exec { 'install script':
-    command  => '/opt/labtainers/setup_scripts/modified-install-docker-debian.sh',
+
+  exec { 'build capinout tool':
+    command  => "/bin/bash ./mkit.sh | true",
     provider => shell,
+    cwd => "/opt/labtainers/tool-src/capinout"
   }
 
+  # TODO: users added to docker group?
+
 }
diff --git a/modules/utilities/unix/labtainers/secgen_metadata.xml b/modules/utilities/unix/labtainers/secgen_metadata.xml
index c56fc6338..9fd1de797 100644
--- a/modules/utilities/unix/labtainers/secgen_metadata.xml
+++ b/modules/utilities/unix/labtainers/secgen_metadata.xml
@@ -16,6 +16,7 @@
   <software_license>public domain</software_license>
 
   <read_fact>lab</read_fact>
+  <read_fact>accounts</read_fact>
 
   <default_input into="lab">
     <value>shellbasics</value>
diff --git a/modules/utilities/unix/labtainers/templates/auto_start_lab.desktop.erb b/modules/utilities/unix/labtainers/templates/auto_start_lab.desktop.erb
new file mode 100644
index 000000000..2d59601cc
--- /dev/null
+++ b/modules/utilities/unix/labtainers/templates/auto_start_lab.desktop.erb
@@ -0,0 +1,8 @@
+[Desktop Entry]
+Name=Lab
+GenericName=Labtainer lab autostart
+Comment=Autostart script
+Exec=/opt/labtainers/labtainer-student/labtainer <%= @lab %>
+Terminal=true
+Type=Application
+X-GNOME-Autostart-enabled=true
diff --git a/scenarios/labs/lab_environments/labtainers.xml b/scenarios/labs/lab_environments/labtainers.xml
index c81783731..4bc2797f9 100644
--- a/scenarios/labs/lab_environments/labtainers.xml
+++ b/scenarios/labs/lab_environments/labtainers.xml
@@ -37,6 +37,9 @@
         <input into="super_user">
           <value>true</value>
         </input>
+        <input into="groups">
+					<value>docker</value>
+				</input>
         <input into="leaked_filenames">
           <value></value>
         </input>
@@ -50,7 +53,12 @@
       <generator type="strong_password_generator"/>
     </input>
 
-    <!--Create the users-->
+    <!--Create the groups-->
+		<utility module_path=".*groups">
+			<input into="groups">
+				<value>docker</value>
+			</input>
+		</utility>    <!--Create the users-->
     <utility module_path=".*parameterised_accounts">
       <input into="accounts">
         <datastore>accounts</datastore>
@@ -92,6 +100,9 @@
       <input into="lab">
         <value>shellbasics</value>
       </input>
+      <input into="accounts">
+        <datastore>accounts</datastore>
+      </input>
     </utility>
 
     <network type="private_network">
diff --git a/secgen.rb b/secgen.rb
index 45af5e3da..d5dd561be 100644
--- a/secgen.rb
+++ b/secgen.rb
@@ -544,7 +544,9 @@ opts.each do |opt, arg|
   when '--esxi-disktype'
     Print.info "ESXi disk type : #{arg}"
     options[:esxidisktype] = arg
-
+  when '--no-tests'
+    Print.info "Not running post-provision tests"
+    options[:notests] = true
   else
     Print.err "Argument not valid: #{arg}"
     usage