runas Magic

CraigBlog

Home
Contact

Pluralsight Blogs

Syndication

Navigation

Archives

If you have followed any of the “Running as non-admin” traffic that’s been fairly prevalent of late, you’ve probably heard of the runas command. Runas lets you launch a process with alternate credentials in the current window station. Generally, you use this to do things like fire up a new instance of Visual Studio under administrative credentials so you can debug ASP.NET applications or something.

Today I ran across an entirely new option: the /netonly switch. Using it means that the credentials you supply don’t have to be valid on the machine you’re running it on, but will still be passed on when remote calls are made! So cool. Why? Because I’m doing work with Microsoft, and I need to do things against their servers that require authentication. I don’t want to join my machine to their domain, which means I can’t get a process running under my Microsoft domain account. However, using this switch, I can make a process look to remote systems as if it were running under my Microsoft domain account. This turned out to be crucially important for getting our build process working on my machine.

The one caveat is that since it doesn’t do an actual login, it’ll take whatever password you throw at it. Even if it’s wrong – you won’t find out until you try to actually use those credentials.

Posted Jun 04 2003, 04:55 PM by craig-andera

Comments

Joseph E Shook wrote re:

on 06-04-2003 1:11 PM

Some programs must be launched via runas must use the /netonly switch. Like for exampe if you want to run Active Directory Users and Computers (snapin in the mmc) you would type the following: runas /user:[userName] "mmc dsa.msc" Oh, but that is only the case when running from the start | run button. Then a really smart guy (John D from DeploymentCentric) I work with showed me how to run it without the /netonly switch. runas /u:[username] "cmd.exe /Cmmc dsa.msc" The problem is that the cmd window stays open in the background until you close the launched program.

Raj Chaudhuri wrote re:

on 06-04-2003 7:46 PM

Funny Fact: My domain account is a non-admin on my machine. The only admin account I have is the local Administrator, which obviously does not have priviledges on network resources. So, when I want to set up an app from a network share, I usually do two RUNASes. runas /u:LOCALMACHINE\Administrator "cmd.exe" and then from the command prompt that comes up: runas /u:MYDOMAIN\rajc /netonly "cmd.exe" and THEN run the setup from there. Note to Craig: I typed an XML tag here, and got a horrendous "Potentially dangerous content" error. I love ASP.NET 1.1, but a simple encode would do the trick. Do I tell you or ChrisAn ?

Craig wrote re:

on 06-05-2003 9:16 AM

Re BlogX issues, post a bug on the BlogX workspace over on gotdotnet. I've been sorely tempted to modify the code myself a time or two, but I'm going to try to contribute where it'll benefit everyone.

Twitter Trackbacks for runas Magic - CraigBlog - Pluralsight Blogs [pluralsight-training.net] on Topsy.com wrote Twitter Trackbacks for runas Magic - CraigBlog - Pluralsight Blogs [pluralsight-training.net] on Topsy.com

on 05-14-2010 11:09 AM

Pingback from Twitter Trackbacks for runas Magic - CraigBlog - Pluralsight Blogs [pluralsight-training.net] on Topsy.com

Add a Comment

Name: (required)

Website: (optional)

Comments (required)

Remember Me?

home instructor-led training online training blogs

781.749.9238 (East Coast) | 310.251.9901 (West Coast) | Pluralsight, LLC , 185 Lincoln St., Suite 305, Hingham, MA 02043-1741

Copyright © 2008 Pluralsight LLC. All rights reserved.

designed by nukeation