Solved

Run As prompt to elevate to a domain account in Vista

Posted on 2007-11-27
5
1,983 Views
Last Modified: 2013-11-29
Okay, so I've searched the internet all over the damn place trying to figure out this aggravating usage problem I'm having with Vista but it seems impossible to sepearate details on Run As and Vista from someone discovering UAC in Vista for the umpteenth time. In our domain we follow recommended security guidelines of elevating to domain admin privledges using the Run As...(Shift + Right Click) for specific domain admins utilities. This would always cause a prompt in XP which let me type in my admin credentials. However, with Vista, this Run As... option is simply assumed now to be "Run As administrator" even when I turn off UAC. Any ideas how to override the default and have it prompt for the account instead of simply defaulting to a local one? Thanks.
0
Comment
Question by:Bluespring
5 Comments
 
LVL 2

Accepted Solution

by:
lcit earned 300 total points
ID: 20360724
On my particular computer, I'm running Vista Business and I am a local administrator.  Run gpedit.exe as administrator.  Look under Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options.  There are a couple of items in there like "User Account Control: Behavior of the elevation prompt..." The one for regular users on mine was set to "prompt for credentials" the one for admin users was set to "prompt for approval".  I changed that one to "prompt for credentials" and now when I right-click and Run as Administrator it prompts me for domain credentials.  Give that a shot.
0
 
LVL 5

Assisted Solution

by:balmasri
balmasri earned 200 total points
ID: 20365048
I couldn't override this problem except making a batch file contains runas command:
runas /u:domain\user mmc.exe
then I add the snap-in
0
 
LVL 5

Expert Comment

by:balmasri
ID: 20418095
Did you find a way?
0
 

Author Comment

by:Bluespring
ID: 20422496
The best answers I have are both of your suggestions. However, I still am not able to make it behave the way I was accustomed to in XP. If I make it prompt for credentials, it does so on all elevations, even for local operations(like opening something in the control panel). Typing out my username and password every time I do anything that trips UAC gets tedious quick. The run as command seems to work best for now, but I miss the ability to selectively prompt for credentials when elevating other programs as well(like IE or Explorer) to troubleshoot  domain user problems without having to make a custom command line shortcut for every app.

I suppose I'll just go back to remotely logging in to a Windows 2003 management box as Vista really has done a great job of screwing things up for admins with this UAC. This is really something they should have fixed in SP1. Thank you for your suggestions though.
0
 
LVL 6

Expert Comment

by:ashutosh_kumar
ID: 21060277
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question