This rather obscure request had me thinking of scenarios where it would be useful to change the last user name in Windows. Imagine you’re a network admin and you want to do some work on the PC as the domain or local administrator. When you finish and log out (assuming the last user name display is enabled), the login screen will display “administrator” or “domain\administrator”, forcing the previous user to type in a user name or use the “Switch User” button. What if, when done working on a computer as an administrator, you could set the username back to the previously logged in name and make things easier on your users? I’ll show you a few ways you might do this.
In Windows XP, this isn’t too difficult. You need to find the following key in the Registry Editor:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
And add or change the following string values:
DefaultDomainName=DOMAIN
DefaultUserName=Username
In Windows 7, it’s a little more tricky, you need to run the Registry Editor as administrator and find the above key. The trouble is, by default, users don’t have access to this key. So, you’ll have to run regedit as administrator to get at it.
And add or change the following string values:
DefaultDomainName=DOMAIN
DefaultUserName=Username
Take it one step further
Yep, so you want to make this a faster process, right? Ok, so make a a text file, (lastlogin.reg, for example) and place the following into the file:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
]
“DefaultDomainName”=”DOMAIN”
“DefaultUserName”=”lastusername”
Place it in a location you can access like your server and modify the file to the correct user just after you login as administrator on that computer. Once your finished, run the lastlogin.reg file, add the details to the registry and log out. Done.
As a matter of interest, you can always hide the last user name.
The programmatic fix
This tool will access the registry, find the last logged in user, display it and then let you set that in the registry. You might place lastlogin on your file server for easy access. Be sure to run it with administrative privileges. Just after you login to a computer (remember the user’s name of course), use lastlogin to return the computer to the previous user.The entire process looks like this:
Other Issues/Ideas
1. In 64bit versions of Windows, the registry is virtualized. If you run lastlogin on a 64bit box, you’ll find it accessing this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
Certainly, that’s not what we need, so lastlogin would then need to be compiled on a 64bit machine (worth testing?).
2. Another interesting approach is to hide your administrative account from the login screen altogether. Doing this will allow someone to see the name of the account by looking in the registry, but it’s not a bad utility idea.
Find:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Create SpecialAccounts key and then under that create a UserList key
Then, create a new DWORD (32-bit) Value and change the name to your administrative account (with domain, such as DOMAINusername), and keep the value at 0 to hide.
You can download this free Windows tool, lastlogin, here.