User Account Types

Each user identifies him- or herself to Windows with a username and an optional password (or in high-tech environments, perhaps with a smart card or a fingerprint scanner). Windows keeps track of each user in its list of accounts, or known users. For each user, Windows associates information such as whether the user has Administrator privileges, the user's desktop and sound preferences, and the location of the user's My Documents file folder.

A list of valid users is stored in each Windows XP computer. These are called local accounts because the information about the user is stored on the computer itself, and the username and password are recognized only on this one computer. If the computer is a member of a domain-type network, the network's domain controller holds a master list of all accounts for the entire domain, for example the entire corporation. These are called global accounts or domain accounts, because the account information is accessible anywhere on the network, and any member computer can validate the user's name and password.

Whether this matters to you depends on what kind of network your computer is connected to:

• If your computer is not connected to a network, all the users of your computer are local users and you don't need to worry about this distinction. You will be interested in reading about User Profiles, however, later in this chapter.

• If you're a member of peer-to-peer workgroup network, each of your computers will have its own separate list of local users. This can be inconvenient, because users of one computer won't necessarily be recognized by your other computers. We'll talk more about this later on in the Simple File Sharing section.

• If you're a member of a domain network, your computer can have both local and global users. If you want, you can define local accounts that only have access to the individual computer. There is also a local Administrator account for each computer, with its own password. This lets you maintain and update your computer without knowing the master domain Administrator's password. Your domain administrator may prevent you from creating or using local accounts, however.

Guest and Administrator Accounts

If you installed Windows XP Professional yourself, during the installation process you had the opportunity to enter the names of several users. In addition to any individual users you specified, two special user accounts were automatically created on your machine: Administrator and Guest.

The Guest user account provides access to your computer by people who don't have a predefined username and password, without you needing to set up a new account for them. This account is disabled by default, to prevent unauthorized local or network access to your computer. I strongly urge you to leave this account turned off. Even though the Guest account has lower privileges than a normal user account and can't modify system settings or install software, it's still risky to let random people have access to a computer, especially in a business setting.

The Administrator user account is the opposite of the Guest account. Logging on using the Administrator account (or any account with Computer Administrator privileges) gives you the power to read or modify any file on your computer, change any local user's password, install or remove software, or anything else you please. The Administrator account can bypass all security measures.

As I'll discuss in the next section, by default, Windows XP Professional gives all of the user accounts you create Administrator privileges unless your computer is a member of a domain-type network. I don't think giving all users such a high privilege is a good idea because any programs you run will have full access to the computerand virus software takes advantage of this. I recommend that you remove the Administrator privileges from your regular user accounts, and use the Administrator account directly only when you

• Don't have permission to access a file you need

• Need to create or change the password of another user account

• Need to install new hardware or software

Microsoft gave all users Administrator privileges to make these actions easier for you, but I think they're needed seldom enough that it's not worth the added risk. I'll tell you how to remove the default Administrator privileges later in this chapter under Assigning Permissions to Groups.

If you are told your user account doesn't have permission to accomplish some necessary maintenance task, see "Can't Install Hardware or Software" in the "Troubleshooting" section at the end of this chapter.

When you do want to log on using the actual Administrator account, if you use the Welcome screen, you will notice that Administrator doesn't appear as a choice, unless it's the only account with Administrator privileges. No worries: Just press Ctrl+Alt+Del twice while viewing the login screen to display the old-style login dialog. In it, you can type "Administrator" and enter the password, as shown in Figure 28.1.

TIP

I strongly suggest that you do not use the Administrator account or any account with Administrator privileges on a day-to-day basis. Running Windows XP as Administrator makes you especially susceptible to Trojan horses and viruses, because the Trojan horse code then runs with full privileges to your machine. If you are logged on as a normal user, the virus is limited in what it can damage.

The Run As Command

If you find that you are logging in and out frequently to run administrative programs, try using the Run As command. You can do so by opening the Start menu or Windows Explorer and locating the program that you want to run. (It could be a Control Panel item, the Microsoft Management Console, or any other application.) Right-click the program name, and select Run As, as shown in Figure 28.2. (If Run As doesn't appear, try pressing the Shift key while you right-click.) You then can type the username and password of the privileged account you want to use. If you need to, you can enter a domain account using the username@domain format.

Figure 28.2. You can choose to run selected applications in the security context of a different user.

NOTE

Run As doesn't work with Windows Explorer, the Printers folder, or desktop icons. Run As also doesn't work with user accounts that are set up with SmartCard authentication systems.

CAUTION

Be sure the Administrator password is kept secure. Remember that the Administrator password is the master key to your computer.

You can also run programs in the context of another user account through the command line. For instance, you can open a command prompt window and type something like

 runas /user:Administrator "control userpasswords" 

to run the User Accounts control panel as the Administrator.

Why Use Separate User Accounts?

Windows XP requires that you add a separate user account for each person that uses your computer. Using separate accounts makes good sense:

• Each user can set their desktop, color, sound, and application preferences separately.

• Each user has their own "desktop" so downloads and icons won't accumulate from other users (I know some people whose desktop is completely covered with icons. This would drive me crazy!)

• Email, My Documents, and other files are stored separately, so each user has some measure of privacy.

When you create accounts, you should consider what kind of privileges to grant the users. As I mentioned earlier, Windows XP provides three types of account privilege levels:

• Computer Administrators have privileges equal to the Administrator account.

• Power Users can add and remove software but can't modify information for other users' accounts.

• Limited Users can't install programs or make changes to important system settings.

Children and non-technical users, for example, probably should have Limited privileges, so they don't accidentally erase files or programs. In a business setting, no regular day-to-day user account should have Administrator privilegesthe risk of someone running virus-infected software from a highly privileged account is too great.

As I mentioned earlier, Windows asks for one or more account names when it's first installed, and these are all created with Administrator privileges. If you set up extra accounts when you installed Windows, you probably want to change their status. I'll describe how in the next few sections. When you're creating new accounts using the Control Panel, you can set their privilege level as you go.

TIP

Microsoft's basic User Accounts control panel only lets you choose between two extremes: Computer Administrator and Limited privileges. I recommend that you read the section titled "Removing Users from the Administrators Group" to see how to set up users with the Power Users setting. I would use that category for most users.