Direct User Switching Task

for Microsoft® Windows®

Since Windows XP there has been a Fast User Switching mode of operation that allows more than one user to be logged onto the computer at the same time. This is accomplished by creating a separate session for each user that logs on. However, only one of these sessions is allowed to be active at any one time, whether that is sitting at the machine (termed the console) or via a remote connection. You can switch from one user session to another by using the hot key combination of WinKey+L (the Windows logo key and the ‘L’ key together) or by using the Switch User button on the log off dialog. Both of these methods disconnect the current session (rather than ending it) and present the welcome screen. At this point, logging in as another user will either connect you with the previously disconnected session for that user or create a new session for that user. This process can be used to create multiple sessions and to switch between them.

The Direct User Switching Task (DUST) extends this functionality by providing the ability to switch directly to another user session, via a hot key, without going through the Windows welcome screen. This uses a popup menu of icons in a similar style to Alt+Tab task switching (including using the Shift key to reverse the selection direction). The benefits this task provides over standard Fast User Switching are as follows:

The default hot key is WinKey+S if not currently in use, but during installation a different key combination can be chosen. This can involve any combination of WinKey, Alt and Control (but not Shift) as the modifier key (or keys) that need to be held down whilst a primary key is pressed to show the popup menu. Repeated pressing of the primary key advances the selected item within the popup menu. If the Shift key is additionally held down then the direction is reversed. If any of the modifier keys are released then the currently selected item is activated. The last item in the list will simply cancel the popup, as will pressing the Escape key. There will be an item to disconnect the current session, and any further items will have the picture (if available) for the appropriate user of that session, with the session number and user name being displayed when it is selected.

When a user item is activated it will display the following password dialog as necessary:

This will allow the password to be saved if this feature has not been disabled. The password is saved only against the current user and obviously only for the user named in the dialog. A further option controls whether the saved password is used to automatically connect to the session. This is very useful for switching between different test environments, for example, but when the user password is changed a (hidden) logon failure will occur before a similar dialog is shown for a valid password. This could be a problem if there is a password policy that has a low limit on the number of failed passwords. However if you hold the Shift key down when activating the popup item then the automatic logon will not occur and the password dialog will be shown.

Notification Area Icon

The control panel applet provides an option for a selection menu via a taskbar icon. If this option is chosen the Direct User Switching Task icon will appear within the notification area of the taskbar. Then by left or right clicking this icon a menu will be displayed containing the same items as above except there is no cancel item. The menu items just display the text description and not an icon or user picture. This option was developed primarily for tablet computers, where hotkey use is difficult, but there are no restrictions on its use.

Disconnect Rather than Lock

When you leave the console unattended in a multiple user environment it is best to make it secure by locking the session (e.g. via WinKey+L), which is also something you can configure to happen when the screen saver deactivates. Initially, when Fast User Switching was introduced, locking blocked other users from being able to use the console, whereas disconnecting did not and is just as secure. Hence there is an option to monitor session activity and whenever the session is locked it is disconnected instead. Whilst switching is allowed under the lock screen of later versions of Windows, it can display a background and apps customised to the user who locked it. This is not the case for the disconnect screen, which has a similar format but uses generic settings. Hence the option is still available for situations where the generic disconnect screen is preferred.

User Settings and Passwords

By default each user has their own settings for DUST and passwords are saved to the user's registry (under the key HKEY_CURRENT_USER\Software\Way Beyond Computing\DUST\Passwords). This allows for multiple groups of users within which passwords are known. However, in cases where all passwords are known by everybody it can be tedious to repeat the same passwords for each user. Hence DUST has a Use only global saved passwords and options feature that causes passwords to be saved globally (under the registry key HKEY_LOCAL_MACHINE\Software\Way Beyond Computing\DUST\Passwords) if permissions allow. In this mode any user settings and saved passwords are ignored. Normally administrators will be able to save passwords and everybody will be able to use them. If the administrator privileges option is also used then everybody will be able to save passwords. If this feature is later turned off then any global saved passwords can still be available to all users, acting as a fallback after any equivalent user saved password has been tried. The control panel applet allows these global saved passwords to be retained or deleted when the option is disabled.

Please note that passwords saved within a user’s registry will only work for that user but on any computer (for example roaming profiles). Likewise passwords under the system registry will only work for that computer but for all users.
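To see where saved passwords currently exist and who can read them, the following added example (not part of DUST or of the original page) inventories the two registry locations named above. It reports only entry counts and access-control entries, never the stored values; the variable names are illustrative, and reading other users' hives assumes an elevated Windows PowerShell prompt.

```powershell
# Added example: inventory of DUST saved-password keys and their readers.
# The sub-key path is the one given on this page; nothing else about the
# storage layout is assumed, so only counts and ACLs are reported.
$subKey = 'Software\Way Beyond Computing\DUST\Passwords'

# HKLM holds the global store; every loaded user hive under HKEY_USERS
# holds that user's own store (the HKEY_CURRENT_USER view of the hive).
$roots = @('Registry::HKEY_LOCAL_MACHINE')
$roots += Get-ChildItem 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |   # skips *_Classes hives
    ForEach-Object { "Registry::$($_.Name)" }

$queryValues = [System.Security.AccessControl.RegistryRights]::QueryValues

foreach ($root in $roots) {
    $path = "$root\$subKey"
    if (-not (Test-Path -LiteralPath $path)) { continue }

    $key = Get-Item -LiteralPath $path
    $acl = Get-Acl  -LiteralPath $path

    # Identities with an Allow entry that includes the right to read values.
    # Entries expressed only as generic rights are not matched by this test,
    # so review the full ACL when the list looks too short.
    $readers = $acl.Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and ($_.RegistryRights -band $queryValues) } |
        ForEach-Object { $_.IdentityReference.Value } |
        Sort-Object -Unique

    [pscustomobject]@{
        Key          = $key.Name
        SavedEntries = $key.ValueCount
        SubKeys      = $key.SubKeyCount
        Owner        = $acl.Owner
        CanRead      = $readers -join '; '
    }
}
```

Only hives that are loaded at the time (logged-on or disconnected sessions) appear under HKEY_USERS, so run it while the sessions of interest exist.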

Blank Passwords

You are likely to encounter an error if you try to switch to a session using a blank password. This is due to the Local Security Policy setting Accounts: Limit local account use of blank passwords to console logon only under the Security Options section of Local Policies. This error applies even if the current session is on the console. Windows XP does not suffer from this restriction. The solution is to disable the setting; however, this will allow blank password accounts to be used for network and Terminal Services logons that would not have been possible before. Hence you should consider adding such accounts to the Deny access to this computer from the network and the Deny logon through Terminal Services settings within the User Rights Assignment section of Local Policies.

The Local Security Policy settings are changed through the MMC snap-in secpol.msc that is not available on all versions of Windows that support switching, for example Windows 7 Home Premium. Hence it is possible to disable the setting by changing the DWORD registry value LimitBlankPasswordUse under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa to zero. To deny account access you can get the ntrights.exe tool from the Windows 2003 Resource Kit (see http://support.microsoft.com/kb/315276) and use the commands "ntrights -u user +r SeDenyNetworkLogonRight" and "ntrights -u user +r SeDenyRemoteInteractiveLogonRight" for each user.
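A read-only check for the exposure described above, as an added example that is not part of DUST or of the original page: when LimitBlankPasswordUse is 0 it lists enabled local accounts that are permitted to have no password, together with whichever of the two deny rights each one lacks. It assumes Windows PowerShell 5.1 or later (for Get-LocalUser) and an elevated prompt (for secedit); the function and variable names are illustrative.

```powershell
# Added example (not part of DUST). Run elevated on Windows PowerShell 5.1 or later.
$lsaKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$denyRights = 'SeDenyNetworkLogonRight', 'SeDenyRemoteInteractiveLogonRight'

function Get-DenyRightHolders {
    # Export only the user-rights area of the local policy and parse the two deny rights.
    $tmp = Join-Path $env:TEMP ('rights-{0}.inf' -f [guid]::NewGuid())
    $holders = @{}
    try {
        secedit /export /cfg $tmp /areas USER_RIGHTS /quiet | Out-Null
        if (-not (Test-Path -LiteralPath $tmp)) { throw 'secedit export failed; run elevated.' }
        foreach ($line in Get-Content -LiteralPath $tmp) {
            if ($line -match '^\s*(Se\w+)\s*=\s*(.*)$' -and $denyRights -contains $Matches[1]) {
                # Entries are comma separated; SIDs are written with a leading '*'.
                $holders[$Matches[1]] = @($Matches[2] -split ',' |
                    ForEach-Object { $_.Trim().TrimStart('*') } | Where-Object { $_ })
            }
        }
    } finally {
        Remove-Item -LiteralPath $tmp -ErrorAction SilentlyContinue
    }
    $holders
}

$limit = (Get-ItemProperty -Path $lsaKey -ErrorAction Stop).LimitBlankPasswordUse
if ($limit -ne 0) {
    "LimitBlankPasswordUse is '$limit': blank passwords are still limited to console logon."
} else {
    $holders = Get-DenyRightHolders
    # PasswordRequired = False means the account is permitted to have no password,
    # so these are candidates to review, not proof that the password is blank.
    # Rights granted through group membership are not resolved here; only direct
    # assignments by SID or account name are matched.
    Get-LocalUser | Where-Object { $_.Enabled -and -not $_.PasswordRequired } | ForEach-Object {
        $user = $_
        $missing = $denyRights | Where-Object {
            $listed = @($holders[$_])
            -not ($listed -contains $user.SID.Value -or $listed -contains $user.Name)
        }
        [pscustomobject]@{ Account = $user.Name; MissingDenyRights = $missing -join ', ' }
    }
}
```

An account with an empty MissingDenyRights column already holds both deny rights directly.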

Direct Switching Considerations

By default only computer administrators are allowed to switch directly to another account with the result that once switched to a limited account you would need to disconnect to the logon screen in order to switch to another user. To allow unrestricted switching there is a Use administrator privileges for switching option within the DUST control panel applet. When selected the DUST programs under each logon session run under the Local Service account with the Administrator group and privileges granted to it, thus allowing every user to switch. For maximum security the program impersonates the logged on user except when performing an operation that requires administrator privileges. This option is enabled by default for all operating systems. Disable the option to have the DUST programs run as the logged on user (elevated where possible) and thus restrict which users can switch.

It is possible to allow specific limited users to switch through the System Control Panel by selecting the Remote tab and then adding the users via Select Remote Users. For advanced operators this is equivalent to adding the user to the Remote Desktop Users group.

Command Line Support

It is now possible to invoke the switching functionality via a command line tool that allows you to create your own icons or tasks. The tool called DUSTcmd.exe (within the DUST install directory) simply initiates the same option as if you had selected it interactively. Thus any prompting for passwords or displaying of errors will be via the usual graphical interface.

The syntax of the tool is as follows: "DUSTcmd [/exec[:*]] <command>", where "/exec" causes the command to be executed within the tool rather than being sent to the DUST client (if there is no client or an error in communicating with it then the tool falls back to this mode). The difference between the two is the privilege level of the tool versus the DUST client. If you use "/exec:*" then the tool will elevate itself as required along with the usual system dialogs. Under Windows XP it is possible to enter a user that is not an administrator; however, this will cause the tool to fail ("/exec" is not supported for Windows 2000). For security reasons the tool will only communicate with the DUST client if it is run as the user of the session.

The supported command lines are as follows:

Command line support within the DUST client is disabled by default and the tool provides additional commands to administer this according to the following syntax: "{enable | disable} [/system | /lock | /unlock]". As with all DUST settings there is a system default value and possibly an override at the user level. The "/system" option causes the system default to be changed. The "/lock" option causes user changes to be explicit and to persist until the "/unlock" option is used. Otherwise "enable" does nothing if the system default is enabled already and "disable" just reverts to the system default. Hence if you want to enable support regardless of what the system default may become later then use "enable /lock". To fall back to the system default use "disable /unlock".

The main commands (not administration commands) can be invoked without generating a console window through use of rundll32 via the following syntax "rundll32 DUST.dll,Invoke <command>". This assumes the command is run from the DUST install directory; otherwise you will need to supply the full path to the DUST.dll file. To get the same behaviour as the "/exec" option, use "Exec" instead of "Invoke".

Automated Silent Installs

InstallShield silent installs are supported through the normal syntax and can be used via the downloaded PackageForTheWeb installer with initial options of "-s -a". Hence to record an installation use the command "dust13.exe -s -a -r", which will create/overwrite %SystemRoot%\setup.iss as an InstallShield silent response file. Then to perform the silent install invoke the command "dust13.exe -s -a -s -f1%SystemRoot%\setup.iss". If the response file is copied/moved, make sure the full pathname is used via the -f1 option and that it is enclosed in double quotation marks if the name contains spaces. Please be aware that actions taken as a result of prompts within the control panel applet are not performed during the silent install, for instance disabling Offline Files when the Enforce Fast User Switching option is enabled. However, Offline Files can be disabled via Group Policy.

It is possible to hand edit the setup.iss file and modify the install path to make use of environment variables, for example the line "szDir=C:\Program Files\Way Beyond Computing\DUST" could be changed to "szDir=%ProgramFiles%\Way Beyond Computing\DUST". This is the only line that can be changed in this way.

Upgrading the Operating System

When upgrading the operating system, the existing install will adapt itself to the new environment. However there may be specific installation steps for the new operating system that will not have been performed, resulting in reduced functionality. Hence to get the best support, it is recommended that you check for a later version of DUST and upgrade if available, otherwise re-run the current setup program and choose the Repair option.

Windows Task Manager

Direct switching is possible through the Users tab of Windows Task Manager by right clicking a disconnected user and selecting Connect. However this does not support saved passwords and always attempts to connect using an empty password. This can be useful but also harmful if there is a bad password limit in force. In addition to this being much slower and less convenient, it also means each session ends up having an open task manager on the desktop. Furthermore, unless limited users have been given explicit permission to switch, they need to run the task manager elevated (i.e. as an administrator) as the page does not prompt for this. Failing that they can right click on the entry for themselves and select Disconnect to be taken to the logon screen.

Classic Logon under Windows XP

Through the User Accounts Control Panel it is possible to disable the welcome screen (via the Change the way users log on or off link) such that you get the classic logon prompt; however, if this is done Fast User Switching is also disabled. This is an artificial restriction, probably imposed because there is no convenient way to switch users, as under classic logon the WinKey+L hot key locks the current session as opposed to going to the logon screen. As the Direct User Switching Task provides a convenient way to switch users, you have the option to enforce Fast User Switching such that disabling the welcome screen does not disable Fast User Switching. In addition, the Direct User Switching Task installer provides the means to enable the classic logon prompt, as the User Accounts Control Panel does not allow the welcome screen to be disabled when there are multiple user sessions. The welcome screen cannot be turned off under Windows Vista and later versions.

Enforcing Windows XP Fast User Switching

As mentioned in the last section there is an option to enforce Fast User Switching. This is achieved through a service that monitors specific changes to the registry and then makes adjustments as necessary. This option is required if you want to use the classic logon prompt or if your Windows XP computer is part of a domain, as these situations do not support user switching unless Direct User Switching Task has been installed. The Offline Files feature is not compatible with multiple user sessions and Windows XP ensures that Offline Files cannot be enabled in these circumstances. As enforcing Fast User Switching creates more situations for multiple sessions the service prevents the Offline Files feature from being enabled but does not actively disable it. There could be situations where Offline Files is enabled when the service is not running and to protect against these you could set up a Group Policy to disallow the Offline Files feature and another to prohibit configuration by removing the property sheet page. Under Windows Vista and later versions, user switching is always possible and hence the enforce Fast User Switching option is not required.

Windows Server 2008 and Later Versions

Windows Server 2008 allows the console session to be disconnected and is the first server operating system to do so. Hence DUST under Windows Server 2008 offers all the features available under Windows Vista/7 but is only mentioned in this section for simplicity. Windows Server 2008 introduces the concept of Remote Application sessions that are essentially full screen glass sessions that allow remote applications to be part of the client desktop. These sessions are not compatible with normal sessions and it is not possible to switch between the two types. Accordingly DUST excludes these from the list of available sessions. By default only disconnected sessions are shown, however it is possible to show active sessions as well. This is controlled through a registry setting and can restrict active sessions based on whether they are remote or console ones. If you would like further information on enabling this feature please contact support.

Windows 2000/2003 Server

The software will work to a lesser degree under Windows 2000 Server & Advanced Server and Windows 2003 Server. This is because the versions of Terminal Services that they use do not allow the console session to be disconnected, so the Direct User Switching Task will only work to switch between remote sessions (with the popup menu showing the available disconnected remote sessions). For this reason the task will simply not run under the console session so the hotkey and notification icon will not be available. Under Windows 2000 the default Terminal Services client software (that allows you to make the remote connection) does not pass WinKey to the remote session, hence the hot key chosen at installation should use the Alt or Control keys instead. Alternatively the latest Remote Desktop Connection software can be downloaded and installed from Microsoft’s web site.

Windows NT4 Terminal Server

Support for Windows NT4 Terminal Server Edition has been withdrawn. The latest version of DUST that supports Windows NT4 Terminal Server Edition is version 1.2 and the information above for Windows 2000 Server will apply.

Trial Software

Click on a link below to download a fully working version of the Direct User Switching Task with a trial license that will work for 30 days. The software is made available under the terms of this license agreement.

Version 1.7 (1.40 MB)
Changes since Version 1.6

Version 1.6 (1.37 MB)
Changes since Version 1.5.1

Version 1.5.1 (1.3 MB)
Changes since Version 1.5

Version 1.5 (1.30 MB)
Changes since Version 1.4

Version 1.4 (1.27 MB)
Changes since Version 1.3

Version 1.3 (1.26 MB)
Changes since Version 1.2

Version 1.2 (1.40 MB)
Changes since Version 1.1

Version 1.1 (1.37 MB)
Changes since Version 1.0

Version 1.0 (1.14 MB)

When the trial is over (or any time after installation) you can obtain a permanent license via this purchasing page.

Disconnect Screen Saver

When using the Windows XP classic logon prompt it is possible to lock the current session. Whilst deliberate locking is desirable, it is not friendly for the session to be locked via a password protected screen saver, nor is it secure to disable the password. For this reason the following screen saver has been developed that will disconnect the session after a short countdown period. The countdown period is the minimum of 5 seconds and the grace period before the screen saver locks (that is 5 seconds by default).

Disconnect Screen Saver (72 KB)

To use the screen saver, download and save the above file into the SYSTEM32 sub-directory of your Windows XP installation directory, for example C:\WINDOWS. Then select the Disconnect screen saver as you would any other screen saver. Alternatively save the file to a directory of your choice and then right click it and choose the Install option.

Support

If you have any problems with the software please contact support giving as many details as you can, including the product ID that can be obtained by running the setup program again (either directly from the downloaded program file or via the Add or Remove Programs Control Panel) and selecting the Modify option. You can find our Privacy Policy here.

Future Plans

The control panel applet may be enhanced to provide management of saved passwords.