Close this Advertisement

Weekly quickTIP

Who Stole My RunAs?

It's still there. Here are two approaches to running it.

With Windows Vista comes User Account Control, and with User Account Control comes the right-click context menu item, "Run as Administrator." With UAC enabled, this new menu item enables an executable to be run using your administrator's token. But that's only the case if you're an administrator and want the executable to run under your own account. What if you want to run that EXE under the auspices of another user?

With Vista there are two possibilities. First, it is possible to reconfigure Vista to prompt for credentials rather than elevating them based on your own username. You can do this by configuring a local or Group Policy setting User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode. This setting can be found in Computer Configuration | Windows Settings | Security Settings | Local Policies | Security Options. Setting this to "Prompt for credentials" brings forward an over-the-shoulder prompt that requests credentials when you attempt to elevate, giving you the ability to enter a different set of credentials.

But, let's face it -- setting this for an entire machine or Organization Unit of them using policies is like using a sledgehammer when you really need ... well ... not a sledgehammer.

Another option is available for those one-off times that you need RunAs elevation for a specific EXE. Download the Sysinternals tool ShellRunAs and drop it into your computer's path somewhere (such as C:\Windows\System32) and then run the command:

shellrunas /reg

Doing this adds another menu item to the right-click context menu called Run as a Different User. You can also run shellrunas {programName} from the command prompt to do the same.

About the Author

Greg is an independent author, speaker, and IT consultant, as well as a Founding Partner with Concentrated Technology. With nearly 15 years in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft OS, remote application, and virtualization technologies.  Greg is a Contributing Editor and columnist for TechNet Magazine, a former columnist for Redmond Magazine and Virtualization Review Magazine, and has authored or contributed to ten books and countless white papers and webcasts. His writing is regularly seen in publications like TechTarget online, e-books from Realtime Publishers, and the UK-based IT EXPERT Magazine.  He has also produced numerous video training series for CBT Nuggets.


Reader Comments:

Thu, Aug 21, 2008 Mr. X Midwest

Thanks very much for this tip!

Tue, Aug 19, 2008 Lori London

Thank you for the tip. Much appreciated.

Mon, Aug 18, 2008 Charlie Boston

I just discovered this recently myself.

I don't do my regular user type activities with an Administrator account; however that account does have Admin rights on some servers. With Vista when I tried to open Computer Management with my regular user account to connect to those remote servers I was unable to until I installed this utility.

I also like the optional "no net" functionality that is built in.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above