The Log On to Windows dialog is NOT available when you run SU.exe (Switch User)

Posted On 2005-11-1 by FortyPoundHead
Keywords: Switch User SU.EXE
Views: 1561

The subject behavior will occur if you schedule the SU.exe utility to run under a user account, AND nobody is logged onto the local computer.

NOTE: When SU.exe runs, it switches to the default desktop. If nobody is logged on, the Log On to Windows dialog is hidden behind the screen saver.

To workaround this behavior, start the Su.exe utility on the default windowstation winsta0 with a new desktop newdesktop:

su.exe cmd.exe winsta0\newdesktop

see the following documentation from the resource kit:

Running SU Under Task Scheduler


SU can be run under the Windows 2000 Task Scheduler service to allow scheduling of jobs in various user contexts.

Note that when Task Scheduler runs in the Local System account, it has all required privileges to execute SU. If the service is running in a user account, this account must be granted all of the required privileges mentioned above in the Privileges and SU Service section of the main SU topic.

If the Task Scheduler service does not run in the Local System account, SU cannot start a process on the winsta0\default windowstation and desktop. Therefore, it is not possible to start a process that is visible on the user default desktop in this way. If you need to run scheduled SU jobs that are visible on the user-default desktop, run the Task Scheduler service in the Local System account.

Examples: Task Scheduler Command Lines

at 10:30 "cmd.exe /c su.exe username qslice.exe england winsta0\default < c:\username.txt"

This command line starts Qslice.exe at 10:30 a.m. in the user account england\username, on the user default desktop winsta0\default, obtaining the user password from the file c:\username.txt.

In this case, Cmd.exe /c is used to start Su.exe, which enables Cmd.exe to redirect input to Su.exe from c:\username.txt. Note that the /c switch for Cmd.exe causes Cmd.exe to exit when Su.exe returns, thus ending the process.

at 1:30 "cmd.exe /c su.exe guest cmd.exe . winsta0\winlogon < c:\guest.txt"

This command line starts Cmd.exe at 1:30 a.m. in the local user account guest, on the desktop winsta0\winlogon, obtaining the user password from the file c:\guest.txt. The winlogon desktop is the desktop used during an interactive logon. Although this command line illustrates how to start a process on this desktop, doing so is not recommended.

Example: Environment Variables In Batch Files

The SU environmental variables options can be used in conjunction with batch files executed under Task Scheduler.

For example, the following batch file executes Msmail32.exe in the user account named username in the domain england with the password password:

set SU_COMMANDLINE=msmail32.exe

set SU_DOMAIN=england

set SU_PASSWORD=password

su.exe username

The following environment variables particular to SU may be used with the tool. These environment variables are used only when the SU graphical user interface (GUI) is not invoked.

To view or change environment variables:

Click Start, point to Settings, then click Control Panel.

In Control Panel, double-click System, click the Advanced tab, then click the Environment Variables... button.

These environment variables can also be set in a batch file to be used with the Windows 2000 Task Scheduler service.


SU_USERNAME - supplies a default user name to SU.

SU_PASSWORD - supplies a password to SU. Avoids password prompting.

SU_DOMAIN - overrides default domain name referenced by SU.

SU_COMMANDLINE - overrides default command line run by SU.

SU_DESKTOP - overrides default windowstation and desktop targeted by SU.

About the Author

FortyPoundHead has posted a total of 1974 articles.

Comments On This Post

No comments on this post yet!

Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.

Your IP address is:

Before you can post, you need to prove you are human. If you log in, this test goes away.

Code Links