|
|
RUNAS (Windows 2000/XP)
Execute a program under a different user account.
Syntax
RUNAS [/profile] [/env] [/netonly] /user:user Program
Key
/profile Option to load the user's profile (registry)
/env Use current environment instead of user's.
/netonly Use if the credentials specified are for RAS only.
/user Username in form USER@DOMAIN or DOMAIN\USER
(USER@DOMAIN is not compatible with /netonly)
Program The command to execute
Examples:
runas /profile /user:mymachine\administrator CMD
runas /profile /env /user:SCOT_DOMAIN\administrator NOTEPAD
runas /env /user:jDoe@swest.ss64.com "NOTEPAD \"my file.txt\""
Enter the password when prompted.
RunAs from the Windows explorer GUI
Select an executable file, Shift-Right-click and select Run As..
This option can be hidden by setting
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HideRunAsVerb=1
ErrorLevel
The error level returned by RunAs is not consistent between operating systems
In Windows 2000:
- success: %ERRORLEVEL%=1
- fails: %ERRORLEVEL%=0
In Windows XP:
- success: %ERRORLEVEL%=0
- fails: %ERRORLEVEL%=1
For Example
VER | find "2000" > nul IF %errorlevel% EQU 0 GOTO s_2000 ::Running XP RUNAS /user:jDoe@swest.ss64.com "mycommand.exe" IF %ERRORLEVEL%==0 Echo command succeeded goto :eof :s_2000 ::Running Windows 2000 RUNAS /user:jDoe@swest.ss64.com "mycommand.exe" IF %ERRORLEVEL%==1 Echo command succeeded goto :eof
RunAs Reqires the "Secondary Logon" service to be running.
"Our deepest fear is not that we are inadequate. Our deepest fear is that we are powerful beyond measure. It is our light, not our darkness, that most frightens us" - Nelson Mandela
Related Commands:
AT - Run a command on a remote machine (at a scheduled
time)
Aaron Margosis - Running with least privilege
joeware.net - CPAU (Create Process
As User) like RunAs but with an options to encrypt the password.
PsExec - Execute process remotely
Equivalent Linux BASH commands:
SU - Switch User
