Direct User Switching Task

for Windows XP/Vista/7/8

Windows XP and later versions have a Fast User Switching mode of operation that allows more than one user to be logged onto the computer at the same time. This is accomplished by creating a separate session for each user that logs on; however, only one of these sessions is allowed to be active at any one time, whether that is sitting at the machine (termed the console) or via a remote connection. You can switch from one user session to another by using the hot key combination of WinKey+L (the Windows logo key and the ‘L’ key together) or by using the Switch User button on the log off dialog. Both of these methods disconnect the current session (rather than ending it) and present the welcome screen. At this point logging in as another user will either connect you with the previously disconnected session for that user or create a new session for that user. This process can be used to create multiple sessions and to switch between them.

The Direct User Switching Task (DUST) extends this functionality by providing the ability to switch directly to another user session, via a hot key, without going through the Windows welcome screen. This uses a popup menu of icons in a similar style to Alt+Tab task switching (including using the Shift key to reverse the selection direction). The benefits this task provides over standard Fast User Switching are as follows:

The default hot key is WinKey+S, but during installation a different key combination can be chosen. This can involve any combination of WinKey, Alt and Control (but not Shift) as the key (or keys) that need to be held down whilst another key is pressed to access the popup menu. The rest of this documentation refers to the chosen combination that needs to be held down as the DustKey. The Direct User Switching Task runs in every user session and provides the functionality to switch away from the current user. Hence immediately after installation the task will not be running in existing sessions until the user logs out and logs back in again (or the task is explicitly started from its installation directory).

The following screen shot shows the popup menu where repeated pressing of the hot key (whilst the DustKey is held down) causes the next item in the list to be selected. The first item will disconnect the current session and the last item will simply cancel the popup (as will DustKey+Esc). All intermediate items will have the picture for the appropriate user of that session (if available) and when selecting the item the session number and user name will be displayed.

Releasing the DustKey activates the currently selected item and in the case of a user item it will display the following password dialog:

This will allow the password to be saved if this feature has not been disabled. The password is saved only against the current user and only for the user named in the dialog. A further option controls whether the saved password is used to automatically connect to the session. This is very useful for switching between different test environments, for example, but when the user password is changed a (hidden) logon failure will occur before a similar dialog is shown for a valid password. This could be a problem if there is a password policy that has a low limit on the number of failed passwords; however, if you hold the Shift key down when activating the popup item, the automatic logon will not occur and the password dialog will be shown.

Notification Area Icon

The control panel applet provides an option for a selection menu via a taskbar icon. If this option is chosen the Direct User Switching Task icon will appear within the notification area of the taskbar. Then by left or right clicking this icon a menu will be displayed containing the same items as above except there is no cancel item. The menu items just display the text description and not an icon or user picture. This option was developed primarily for tablet computers, where hotkey use is difficult, but there are no restrictions on its use.

Disconnect Rather than Lock

Ordinarily to protect the user session, the system can lock the workstation when the screen saver deactivates and also via other means like smartcard removal. It is just as secure to disconnect the session instead and this does not block another user from accessing the computer. There is an option to monitor session activity and whenever the session is locked it is disconnected instead. In addition to avoiding automatic locking this is useful for administrators to block deliberate locking. If you want to just avoid screen saver locking then there is a special disconnect screen saver available below.

User Settings and Passwords

By default each user has their own settings for DUST and passwords are saved to the user's registry (under the key HKEY_CURRENT_USER\Software\Way Beyond Computing\DUST\Passwords). This allows for multiple circles within which passwords are known. However, in cases where all passwords are known by everybody it can be tedious to repeat the same passwords for each user. Hence DUST has a Use only global saved passwords and options feature that causes passwords to be saved globally (under the registry key HKEY_LOCAL_MACHINE\Software\Way Beyond Computing\DUST\Passwords) if permissions allow. In this mode any user settings and saved passwords are ignored. Normally administrators will be able to save passwords and everybody will be able to use them. If the administrator privileges option is also used then everybody will be able to save passwords. If this feature is later turned off then any global saved passwords will still be available to all users, acting as a fallback after any equivalent user saved password has been tried. The control panel applet allows these global saved passwords to be retained or deleted when the option is disabled.

Please note that passwords saved within a user’s registry will only work for that user but on any computer (for example roaming profiles). Likewise passwords under the system registry will only work for that computer but for all users.
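The two stores described above can be inventoried as follows. This is an added example, not part of DUST; it assumes PowerShell is available, reads no stored value, and makes no assumption about how DUST lays out entries under the key, so it reports both value and subkey counts along with the access rules that decide who can read or change each store.

```powershell
# Added example, not part of DUST: report the two password stores named on
# this page without reading any stored value.
$stores = @(
    @{ Scope = 'Current user'; Path = 'HKCU:\Software\Way Beyond Computing\DUST\Passwords' },
    @{ Scope = 'All users';    Path = 'HKLM:\Software\Way Beyond Computing\DUST\Passwords' }
)

# Access-mask bits used to classify each access rule.
$query       = [int][System.Security.AccessControl.RegistryRights]::QueryValues
$set         = [int][System.Security.AccessControl.RegistryRights]::SetValue
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

foreach ($store in $stores) {
    $path = $store.Path
    if (-not (Test-Path -Path $path)) {
        '{0}: key not present ({1})' -f $store.Scope, $path
        continue
    }

    # Counts only; the layout of entries under the key is not documented here.
    $key = Get-Item -Path $path
    '{0}: {1} value(s), {2} subkey(s) under {3}' -f `
        $store.Scope, $key.ValueCount, $key.SubKeyCount, $path

    # Who may read (QueryValues) or change (SetValue) the store. Rules that
    # apply only to child keys (InheritOnly) are skipped.
    (Get-Acl -Path $path).Access |
        Where-Object { ([int]$_.PropagationFlags -band $inheritOnly) -eq 0 } |
        Select-Object IdentityReference, AccessControlType, IsInherited,
            @{ Name = 'CanRead';  Expression = { ([int]$_.RegistryRights -band $query) -ne 0 } },
            @{ Name = 'CanWrite'; Expression = { ([int]$_.RegistryRights -band $set) -ne 0 } }
}
```

The HKEY_CURRENT_USER result covers only the user running the script; repeat it in each user session to cover the per-user stores.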

Blank Passwords under Windows Vista/7/8

You are likely to encounter an error under Windows Vista/7/8 if you try to switch to a session using a blank password. This is due to the Local Security Policy setting Accounts: Limit local account use of blank passwords to console logon only under the Security Options section of Local Policies. This error applies even if the current session is on the console; Windows XP does not suffer from this restriction. The solution is to disable the setting; however, this will allow blank password accounts to be used for network and Terminal Services logons that would not have been possible before. Hence you should consider adding such accounts to the Deny access to this computer from the network and the Deny logon through Terminal Services settings within the User Rights Assignment section of Local Policies.

The Local Security Policy settings are changed through the MMC snap-in secpol.msc that is not available on all versions of Windows Vista/7/8 that support switching, for example Windows 7 Home Premium. Hence it is possible to disable the setting by changing the DWORD registry value LimitBlankPasswordUse under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa to zero. To deny account access you can get the ntrights.exe tool from the Windows 2003 Resource Kit (see http://support.microsoft.com/kb/315276) and use the commands "ntrights -u user +r SeDenyNetworkLogonRight" and "ntrights -u user +r SeDenyRemoteInteractiveLogonRight" for each user.
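After making the changes above it is worth confirming that every blank-password account really carries both deny rights. The script below is an added example, not part of DUST; it assumes an elevated PowerShell prompt and that secedit.exe is present on the edition in use, and the account names are constructed placeholders.

```powershell
# Added example, not part of DUST. Run from an elevated PowerShell prompt.
# Assumptions: secedit.exe is available; the account names are constructed
# placeholders for the local accounts that have blank passwords.
param([string[]]$Accounts = @('kiosk', 'testuser'))

$denyRights = 'SeDenyNetworkLogonRight', 'SeDenyRemoteInteractiveLogonRight'

# Resolve an account name (or pass through a SID string) to a SID string.
function ConvertTo-Sid([string]$Name) {
    if ($Name -match '^S-1-') { return $Name }
    try {
        $account = New-Object System.Security.Principal.NTAccount($Name)
        $account.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch { $null }
}

# Return the SIDs listed for one right in a secedit export
# (entries are "*SID" or plain account names, comma separated).
function Get-RightSids([string[]]$InfLines, [string]$Right) {
    foreach ($line in $InfLines) {
        if ($line -match "^\s*$Right\s*=\s*(.+)$") {
            $Matches[1].Split(',') |
                ForEach-Object { ConvertTo-Sid ($_.Trim().TrimStart('*')) } |
                Where-Object { $_ }
        }
    }
}

# 1. The registry value named above: 0 lifts the console-only restriction.
$lsa    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$limit  = (Get-ItemProperty -Path $lsa).LimitBlankPasswordUse
$lifted = ($null -ne $limit) -and ($limit -eq 0)
"LimitBlankPasswordUse = '$limit' (console-only restriction lifted = $lifted)"

# 2. Export the user rights assignments and read them back.
$inf = Join-Path $env:TEMP 'user-rights-audit.inf'
secedit /export /cfg $inf /areas USER_RIGHTS | Out-Null
$lines = Get-Content -Path $inf
Remove-Item -Path $inf

# 3. Report each account. Only direct assignments are checked, which is what
#    the ntrights commands create; rights held through a group are not.
foreach ($name in $Accounts) {
    $sid = ConvertTo-Sid $name
    if (-not $sid) { Write-Warning "Account '$name' could not be resolved"; continue }
    $net = @(Get-RightSids $lines $denyRights[0]) -contains $sid
    $rdp = @(Get-RightSids $lines $denyRights[1]) -contains $sid
    New-Object PSObject -Property @{
        Account               = $name
        DenyNetwork           = $net
        DenyRemoteInteractive = $rdp
        Exposed               = ($lifted -and -not ($net -and $rdp))
    } | Select-Object Account, DenyNetwork, DenyRemoteInteractive, Exposed
}
```

An account shown with Exposed set to True can be used with its blank password over the network or through Terminal Services until the missing deny right is added.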

Classic Logon under Windows XP

Through the User Accounts Control Panel it is possible to disable the welcome screen (via the Change the way users log on or off link) such that you get the classic logon prompt; however, if this is done Fast User Switching is also disabled. This is an artificial restriction probably imposed because there is no convenient way to switch users, as under classic logon the WinKey+L hot key locks the current session as opposed to going to the logon screen. As the Direct User Switching Task provides a convenient way to switch users, you have the option to enforce Fast User Switching such that disabling the welcome screen does not disable Fast User Switching. In addition, the Direct User Switching Task installer provides the means to enable the classic logon prompt, as the User Accounts Control Panel does not allow the welcome screen to be disabled when there are multiple user sessions. The welcome screen cannot be turned off under Windows Vista and later versions.

Enforcing Windows XP Fast User Switching

As mentioned in the last section there is an option to enforce Fast User Switching. This is achieved through a service that monitors specific changes to the registry and then makes adjustments as necessary. This option is required if you want to use the classic logon prompt or if your Windows XP computer is part of a domain, as these situations do not support user switching unless Direct User Switching Task has been installed. The Offline Files feature is not compatible with multiple user sessions and Windows XP ensures that Offline Files cannot be enabled in these circumstances. As enforcing Fast User Switching creates more situations for multiple sessions the service prevents the Offline Files feature from being enabled but does not actively disable it. There could be situations where Offline Files is enabled when the service is not running and to protect against these you could set up a Group Policy to disallow the Offline Files feature and another to prohibit configuration by removing the property sheet page. Under Windows Vista and later versions, user switching is always possible and hence the enforce Fast User Switching option is not required.

Direct Switching Considerations

By default only computer administrators are allowed to switch directly to another account with the result that once switched to a limited account you would need to disconnect to the logon screen in order to switch to another user. However this can be changed under Windows XP Professional through the System Control Panel by using the Remote tab and then Select Remote Users to add the limited users from which you would like to switch. For advanced users this is equivalent to adding the user to the Remote Desktop Users group.

To allow unrestricted switching under Windows XP Home and Windows Vista/7/8, a new Use administrator privileges for switching option has been added to the DUST control panel applet. When selected the DUST programs under each logon session run under the Local Service account with the Administrator group and privileges granted to it, thus allowing every user to switch. For maximum security the program impersonates the logged user except when performing an operation that requires administrator privileges. This option is enabled by default for all operating systems. Disable the option to have the DUST programs run as the logged on user and thus restrict which users can switch. When disabled under Windows Vista/7/8, the program will run elevated if the user is an administrator, thus allowing the user to switch.

Command Line Support

It is now possible to invoke the switching functionality via a command line tool that allows you to create your own icons or tasks. The tool called DUSTcmd.exe (within the DUST install directory) simply initiates the same option as if you had selected it interactively. Thus any prompting for passwords or displaying of errors will be via the usual graphical interface.

The syntax of the tool is as follows: "DUSTcmd [/exec[:*]] <command>", where "/exec" causes the command to be executed within the tool rather than being sent to the DUST client (if there is no client or an error in communicating with it then the tool falls back to this mode). The difference between the two is the privilege level of the tool versus the DUST client. If you use "/exec:*" then the tool will elevate itself as required along with the usual system dialogs. Under Windows XP it is possible to enter a user that is not an administrator; however, this will cause the tool to fail ("/exec" is not supported for Windows 2000). For security reasons the tool will only communicate with the DUST client if it is run as the user of the session.

The supported command lines are as follows:

Command line support within the DUST client is disabled by default and the tool provides additional commands to administer this according to the following syntax "{enable | disable} [/system | /lock | /unlock]". As with all DUST settings there is a system default value and possibly an override at the user level. The "/system" option causes the system default to be changed. The "/lock" option causes user changes to be explicit and persists until the "/unlock" option is used. Otherwise "enable" does nothing if the system default is enabled already and "disable" just reverts to the system default. Hence if you want to enable support regardless of what the system default may become later then use "enable /lock". To fall back to the system default use "disable /unlock".

The main commands (not administration commands) can be invoked without generating a console window through use of rundll32 via the following syntax "rundll32 DUST.dll,Invoke <command>". This assumes the command is run from the DUST install directory; otherwise you will need to supply the full path to the DUST.dll file. To get the same behaviour as the "/exec" option, use "Exec" instead of "Invoke".

Automated Silent Installs

InstallShield silent installs are supported through the normal syntax and can be used via the downloaded PackageForTheWeb installer with initial options of "-s -a". Hence to record an installation use the command "dust13.exe -s -a -r" that will create/overwrite %SystemRoot%\setup.iss as an InstallShield silent response file. Then to perform the silent install invoke the command "dust13.exe -s -a -s -f1%SystemRoot%\setup.iss". If the response file is copied/moved, make sure the full pathname is used via the -f1 option and that it is enclosed in double quotation marks if the name contains spaces. Please be aware that actions taken as a result of prompts within the control panel applet are not performed during the silent install, for instance disabling Offline Files when the Enforce Fast User Switching option is enabled; however, Offline Files can be disabled via Group Policy.

It is possible to hand edit the setup.iss file and modify the install path to make use of environment variables, for example the line "szDir=C:\Program Files\Way Beyond Computing\DUST" could be changed to "szDir=%ProgramFiles%\Way Beyond Computing\DUST". This is the only line that can be changed in this way.

Upgrading the Operating System

When upgrading from Windows XP to Windows Vista the latest version of DUST will operate correctly afterwards; however, there will be extended control panel features missing. To fix this, or when upgrading from Windows 2000 to either Windows XP or Windows Vista, it is necessary to re-run the setup program and choose the Repair option.

Windows Task Manager

Direct switching is possible through the Users tab of Windows Task Manager by right clicking a disconnected user and selecting Connect. However, this does not support saved passwords and always attempts to connect using an empty password; this can be useful but also harmful if there is a bad password limit in force. In addition to it being much slower and less convenient, it also means each session ends up having an open task manager on the desktop. Furthermore, under Windows Vista/7 many features on the Users tab require elevation but the options do not have the shield icon nor do they prompt for elevation. Hence it is necessary to elevate the property sheet by clicking the Show processes from all users button on the Processes tab. This causes the property sheet to be replaced by an elevated one where the Show processes from all users button is now a check box; this can be turned off to get the same items displayed as before. This same problem exists under Windows 8; however, there is no means to cause the property sheet to elevate itself. It needs to be explicitly elevated when started, or the Switch user account option can be used (instead of Connect) that will take you to the logon screen to enter the password.

Windows Server 2008

Windows Server 2008 allows the console session to be disconnected and is the first server operating system to do so. Hence DUST under Windows Server 2008 offers all the features available under Windows Vista/7 but is only mentioned in this section for simplicity. Windows Server 2008 introduces the concept of Remote Application sessions that are essentially full screen glass sessions that allow remote applications to be part of the client desktop. These sessions are not compatible with normal sessions and it is not possible to switch between the two types. Accordingly DUST excludes these from the list of available sessions. By default only disconnected sessions are shown, however it is possible to show active sessions as well. This is controlled through a registry setting and can restrict active sessions based on whether they are remote or console ones. If you would like further information on enabling this feature please contact support.

Windows 2000/2003 Server

The software will work to a lesser degree under Windows 2000 Server & Advanced Server and Windows 2003 Server. This is because the versions of Terminal Services that they use do not allow the console session to be disconnected, so the Direct User Switching Task will only work to switch between remote sessions (with the popup menu showing the available disconnected remote sessions). For this reason the task will simply not run under the console session so the hotkey and notification icon will not be available. Under Windows 2000 the default Terminal Services client software (that allows you to make the remote connection) does not pass WinKey to the remote session, hence the hot key chosen at installation should use the Alt or Control keys instead. Alternatively the latest Remote Desktop Connection software can be downloaded and installed from Microsoft’s web site.

Windows NT4 Terminal Server

Support for Windows NT4 Terminal Server Edition has been withdrawn. The latest version of DUST that supports Windows NT4 Terminal Server Edition is version 1.2 and the information above for Windows 2000 Server will apply.

Trial Software

Click on a link below to download a fully working version of the Direct User Switching Task with a trial license that will work for 30 days. The software is made available under the terms of this license agreement.

Version 1.6 (1.37 MB)
Changes since Version 1.5.1

Version 1.5.1 (1.3 MB)
Changes since Version 1.5

Version 1.5 (1.30 MB)
Changes since Version 1.4

Version 1.4 (1.27 MB)
Changes since Version 1.3

Version 1.3 (1.26 MB)
Changes since Version 1.2

Version 1.2 (1.40 MB)
Changes since Version 1.1

Version 1.1 (1.37 MB)
Changes since Version 1.0

Version 1.0 (1.14 MB)

When the trial is over (or any time after installation) you can obtain a permanent license via this purchasing page.

Disconnect Screen Saver

When using the classic logon prompt it is possible to lock the current session. Whilst deliberate locking is desirable, it is neither friendly for the session to be locked via a password protected screen saver nor secure to disable the password. For this reason the following screen saver has been developed that will disconnect the session after a short countdown period. The countdown period is the minimum of 5 seconds and the grace period before the screen saver locks (that is 5 seconds by default).

Disconnect Screen Saver (72 KB)

To use the screen saver, download and save the above file into the SYSTEM32 sub-directory of your Windows XP installation directory, for example C:\WINDOWS. Then select the Disconnect screen saver as you would any other screen saver. Alternatively save the file to a directory of your choice and then right click it and choose the Install option.

Support

If you have any problems with the software please contact support giving as many details as you can, including the product ID that can be obtained by running the setup program again (either directly from the downloaded program file or via the Add or Remove Programs Control Panel) and selecting the Modify option.

Future Plans

The control panel applet may be enhanced to provide management of saved passwords.