RunAS equivalent?
Dear all,
Is there a way to run a program in the security context of another user, eg:Admin?
Much like the runas command available in W2K. I need this to create an icon that the end-user will use to run a special program with privileges without the need for me to make him a member of the Admins group.
1) I want to know if there is a way to do that from within the OS and not with a third party program or so.
2) I do not want the needed password to be seeable by the end user.
3) "Can't be done" is not an acceptable solution: I've got that already.
Thank you,
---
Theo
Is there a way to run a program in the security context of another user, eg:Admin?
Much like the runas command available in W2K. I need this to create an icon that the end-user will use to run a special program with privileges without the need for me to make him a member of the Admins group.
1) I want to know if there is a way to do that from within the OS and not with a third party program or so.
2) I do not want the needed password to be seeable by the end user.
3) "Can't be done" is not an acceptable solution: I've got that already.
Thank you,
---
Theo
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Why does the user need admin privileges to run that program?
ASKER
obda: Why does the user need admin privileges to run that program? > I do not know!
When I am trying to run the program with normal user privileges I get: "Access violation error: Read of address: xxxxxxxx". This program is supposed to control a piece of machinery via the COM port. I suppose that NT prohibits accessing of ports by normal user programs.
If you have any idea/sugestion on this I'd be glad to hear it.
---
Theo
When I am trying to run the program with normal user privileges I get: "Access violation error: Read of address: xxxxxxxx". This program is supposed to control a piece of machinery via the COM port. I suppose that NT prohibits accessing of ports by normal user programs.
If you have any idea/sugestion on this I'd be glad to hear it.
---
Theo
ASKER
aleshm: Thanks for the links, the first one seems to be the answer but it needs me to register :(
Can you copy and paste the text for me?
...or even better, since I do not have the NT4 Resource Kit, if you have access to the utility can you please e-mail it to me? (I'll give you the address if you agree)
Cheers,
---
Theo
Can you copy and paste the text for me?
...or even better, since I do not have the NT4 Resource Kit, if you have access to the utility can you please e-mail it to me? (I'll give you the address if you agree)
Cheers,
---
Theo
Administering your Active Directory (AD) environment is easier and more secure with a couple of built-in Windows 2000 options: the Delegate option and the Runas command. The Delegate option lets you specify a user to manage an object. This option is great because you can have separate administrators for groups or items within your AD setup, which can take some of the administrative load off of you. Delegate is particularly handy when you have multiple offices or groups in separate areas or time zones, because having a central administrator for all groups is inconvenient in those cases. To delegate control of an object, open the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in, right-click the object you want to delegate, then select Delegate. A wizard will guide you through delegating management of an object.
The Runas command, previously available only in the Microsoft Windows NT Server 4.0 Resource Kit, will be familiar to UNIX and Linux users. Runas lets you give a regular user account administrative access when issuing a command. Runas can help minimize the number of times you must log on and off to perform administrative duties. You can use Runas to open various utilities or applications with administrative access without having to directly log on as the administrator, thereby minimizing the chances of attackers discovering the Administrative account password. To get the syntax for the Runas command, click Start, Run, then type
I don't have the resource kit at hand... sorry...
The Runas command, previously available only in the Microsoft Windows NT Server 4.0 Resource Kit, will be familiar to UNIX and Linux users. Runas lets you give a regular user account administrative access when issuing a command. Runas can help minimize the number of times you must log on and off to perform administrative duties. You can use Runas to open various utilities or applications with administrative access without having to directly log on as the administrator, thereby minimizing the chances of attackers discovering the Administrative account password. To get the syntax for the Runas command, click Start, Run, then type
I don't have the resource kit at hand... sorry...
ASKER
>Administering your Active Directory (AD) environment is easier and more secure with a couple of built-in Windows 2000 options...
But I do not have W2K, we are in the NT area remember?
But I do not have W2K, we are in the NT area remember?
ASKER
Dear aleshm,
Guess I will have to buy NT ResKit :(
Thanks anyway,
---
Theo
Guess I will have to buy NT ResKit :(
Thanks anyway,
---
Theo