|
Detailed
Information
When you need to perform Administrative Tasks:
Fast User Switching
Microsoft XP provides the Fast User Switching (FUS) feature to switch between more than one account. (But switching to other accounts and running processes simultaneously will use up more processor and memory resources and could affect system performance. If you don’t have a newer computer with 1 GB of memory, this may be prohibitive to use.) So it is often better to log off one account to log into a different account. But if you have a fast system with lots of memory (1GB or more), you may occasionally wish to use both types of accounts simultaneously for a quick maintenance task.
There are actually three ways that XP gives you to move between multiple accounts:
• Log on with a regular limited user account and use the RUN AS command to run the tools that require the broader permissions.
• XP provides a feature to RUN WITH DIFFERENT CREDENTIALS – load a program as if you were the administrator while still logged in as LUA
• XP also provides the Fast User Switching feature to stay logged into one account and temporarily log into another account at the same time.
With Fast User Switching, multiple user accounts can log on to a computer simultaneously. Users can switch sessions without closing Windows, programs, and so forth. For example, User A is logged on and is browsing the Internet, User B wants to log on to their user account and check their e-mail account. User A can leave their programs running while User B logs on and checks their e-mail account. User A can then return to their session where their programs would still be running. You need a good deal of Ram to make this work without performance degradation and if you don't have a really fast PC, avoid the use of CPU-intensive applications while using FUS.
RunAS
RunAs is a feature in XP that can be used from
Windows Explorer, finding the executable file of the program you want to run, right-clicking on it and selecting RUNAS and selecting the Admin account and entering the Admin password. You will be running it with Admin permissions, but the desktop is shared with the local LUA user.
If you are logged in as LUA and need to run some Windows application that won't work without Admin permissions, turn to FUS. With FUS, you can be logged on as a Limited User, switch to a Computer Administrator session without having to close your apps, do your admin stuff or run that application that is not-fully Windows compliant, and switch back to your LUA session. FUS is easier to use than RunAs, and lets you run any app (unlike RunAs). It’s also more secure, since logon sessions are isolated from each other and do not share a common desktop. To switch from one session to another, click the Start button, Log Off, Switch User. Or more quickly, just press Win+L (Windows key + L).
USE THE RUN AS FEATURE
This is a feature that provides users with a secondary logon capability. By using RUN AS, users can run applications or commands in a different security context without having to log off. RUN AS prompts the user for different credentials before running the application or command, allowing you to accomplish administrative tasks without exposing your computer or data stored in Active Directory to unnecessary risk. So, you can log on using a regular user account, then, using RUN AS, open an administrative program in the context of an administrative account. The administrative context is only used for that specific program and is only available until that program is closed. If you need to perform administrative tasks, such as upgrading the operating system or configuring system parameters, then log off and log back on as an administrator.
You can use RUN AS through the user interface or as a command-line tool.
User interface
The RUN AS feature built into the user interface is a shortcut that is accessed on the right-click menu for some programs (.exe), some Control Panel (.cpl) items, and Microsoft Management Console (MMC)
Command-line tool
In addition to the built-in RUN AS feature, the RUN AS command provides the same capabilities.
RUN WITH DIFFERENT CREDENTIALS
In XP, this is the feature to allow you to load an application while you are logged in as LUA, but allowing you to RUN WITH DIFFERENT CREDENTIALS – that of the administrator.
While you are in the LUA, you can create a new desktop icon shortcut, (it must be created, not use the one that the original installation may have created!), and point the shortcut to the desired program executable file in C:\Programs…
Then right-click the shortcut icon and select properties
Go to the SHORTCUT Tab
Go to ADVANCED
Put a checkmark in the box to "RUN WITH DIFFERENT CREDENTIALS"
Click OK and OK
NOW, when you load your program from this new shortcut icon, it will load the program and ask you which user you want to run the program under...whereby you can choose to run the program as the administrator, supplying the password to do so. The program that requires more access than the LUA affords, now loads fine with administrator rights.
Note: If account lockouts are enabled in conjunction with Fast User Switching, it is possible for this feature to inadvertently lock out accounts when multiple accounts are logged in using Fast User Switching. If you want to enable the account lockout feature, it is recommended that you not use the Fast User Switching feature. Account Lockout is a feature not usually needed for home computers. Account lockout policy options disable accounts after a set number of failed logon attempts. Using these options can help you detect and block attempts by a remote user to log into your system. To modify lockout policy settings, launch Local Security Policy or Group Policy and go to Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy.
|
