?
Solved

RunAS equivalent?

Posted on 2003-11-01
7
Medium Priority
?
1,844 Views
Last Modified: 2013-12-28
Dear all,

 Is there a way to run a program in the security context of another user, eg:Admin?
Much like the runas command available in W2K. I need this to create an icon that the end-user will use to run a special program with privileges without the need for me to make him a member of the Admins group.
1) I want to know if there is a way to do that from within the OS and not with a third party program or so.
2) I do not want the needed password to be seeable by the end user.
3) "Can't be done" is not an acceptable solution: I've got that already.


Thank you,
---
Theo
0
Comment
Question by:xchange
  • 4
  • 2
7 Comments
 
LVL 2

Accepted Solution

by:
aleshm earned 250 total points
ID: 9665825
0
 
LVL 85

Expert Comment

by:oBdA
ID: 9665968
Why does the user need admin privileges to run that program?
0
 
LVL 2

Author Comment

by:xchange
ID: 9667126
obda: Why does the user need admin privileges to run that program? > I do not know!
When I am trying to run the program with normal user privileges I get: "Access violation error: Read of address: xxxxxxxx". This program is supposed to control a piece of machinery via the COM port. I suppose that NT prohibits accessing of ports by normal user programs.
If you have any idea/sugestion on this I'd be glad to hear it.
---
Theo
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 2

Author Comment

by:xchange
ID: 9667247
aleshm: Thanks for the links, the first one seems to be the answer but it needs me to register :(
Can you copy and paste the text for me?
...or even better, since I do not have the NT4 Resource Kit, if you have access to the utility can you please e-mail it to me? (I'll give you the address if you agree)

Cheers,
---
Theo
0
 
LVL 2

Expert Comment

by:aleshm
ID: 9669182
Administering your Active Directory (AD) environment is easier and more secure with a couple of built-in Windows 2000 options: the Delegate option and the Runas command. The Delegate option lets you specify a user to manage an object. This option is great because you can have separate administrators for groups or items within your AD setup, which can take some of the administrative load off of you. Delegate is particularly handy when you have multiple offices or groups in separate areas or time zones, because having a central administrator for all groups is inconvenient in those cases. To delegate control of an object, open the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in, right-click the object you want to delegate, then select Delegate. A wizard will guide you through delegating management of an object.

The Runas command, previously available only in the Microsoft Windows NT Server 4.0 Resource Kit, will be familiar to UNIX and Linux users. Runas lets you give a regular user account administrative access when issuing a command. Runas can help minimize the number of times you must log on and off to perform administrative duties. You can use Runas to open various utilities or applications with administrative access without having to directly log on as the administrator, thereby minimizing the chances of attackers discovering the Administrative account password. To get the syntax for the Runas command, click Start, Run, then type


I don't have the resource kit at hand... sorry...
0
 
LVL 2

Author Comment

by:xchange
ID: 9735937
>Administering your Active Directory (AD) environment is easier and more secure with a couple of built-in Windows 2000 options...
But I do not have W2K, we are in the NT area remember?
0
 
LVL 2

Author Comment

by:xchange
ID: 9997848
Dear aleshm,


 Guess I will have to buy NT ResKit :(


Thanks anyway,
---
Theo
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question