|
Windows 2000 and Windows XP provide the ability to run applications, processes, control panels, etc.
with credentials (UserID and password) different from the UserID and password used
to initiate the current desktop session, called: <Secondary Logon>
There are several ways in which you can initiate such processing using alternate credentials, as long
as the following requirements are met:
- You provide the appropriate user account and password information
- The user account has the ability to log on to the computer
- The program, Management Console, or Control Panel item is available on the system and to the user account.
Note however, that some items like Windows Explorer, the Printers Folder and certain desktop items cannot be
started with Run As because they are launched indirectly by Windows itself.
Examples of initiating such a processing:
- Go to Start, Programs and select the desired application shortcut from the menu.
Right-click the shortcut and choose Run As. If this context menu option is not presented by
default, hold down Shift while right-clicking the shortcut.
- Create your own shortcuts to applications that you want to start this way, eg.:
- A shortcut to run the command prompt would read:
runas /user:<computername>\administrator cmd
- A shortcut to the preconfigured Active Directory Users and Computers would read:
runas /user:<domainname>\administrator "mmc %windir%\system32\dsa.msc"
(Check out Adminpak for other preconfigured Management Consoles.)
Upon execution of this shortcut you will be prompted to enter the password for the administrator account.
Note: Entering the above command lines through a command prompt would be equally valid.
Unfortunately no equally easy ways are provided to find out which alternate UserID has been used
to start a given application, once it is running, unless started through a predefined shortcut, in which
case it can be looked up in the shortcut definition.
But what if this particular instance running was NOT started by shortcut, even though one exists?
Several options exists to look up which User-ID was used to start a program with Alternate Credentials
("Run As"):
-
You could use this "home made" solution, but it’s use is somewhat dependent upon the
possibilities provided by the application currently running with alternate credentials. The whole
trick depends on the ability to kick-off another process from within the current one. Since the current
one was launched with alternate credentials, the process "spawned" from within it will run
with the exact same alternate credentials.
As an illustration of the solution suppose Active Directory Users and Computers MMC was started
"Run As":
- Right-click <Your domainname> and choose Export List
- In the Save As... dialog box navigate to your %SystemRoot%\System32-directory
- Enter * in the File name box and click Save
- Now look up CMD.EXE
- Right-click CMD.EXE and choose Open.
This will start a command box running under the same credentials as ADUC.
-
Now type: echo %username% and you’re looking at the alternate UserID
that was used to kick-off Active Directory Users and Computers MMC using the "Run As" option.
-
Then there is the freeware (GUI) utility from Sysinternals.com called:
"Process Explorer"
-
And from the Windows 2000 Resource Kit, you could use the utility: PUlist.
This will show the credentials used to start "Run As" application. However, in order for the UserID
to show up in the list, this utility itself must have been started under SYSTEM credentials.!
-
Alternatively you could use the RunAs.vbs WMI script provided here, which will list all the running processes and their
Owner, one by one.
Note: To avoid accidental running of the script, the scripts on this web server
are stored as *.vb_ file. Clicking on the link will bring up the script in the browser.
From there you can save it for later use, simply by selecting All text in the browser window and
copy/pasting it into your own newly created .vbs script file.
|
