• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2013
  • Last Modified:

Run As prompt to elevate to a domain account in Vista

Okay, so I've searched the internet all over the damn place trying to figure out this aggravating usage problem I'm having with Vista but it seems impossible to sepearate details on Run As and Vista from someone discovering UAC in Vista for the umpteenth time. In our domain we follow recommended security guidelines of elevating to domain admin privledges using the Run As...(Shift + Right Click) for specific domain admins utilities. This would always cause a prompt in XP which let me type in my admin credentials. However, with Vista, this Run As... option is simply assumed now to be "Run As administrator" even when I turn off UAC. Any ideas how to override the default and have it prompt for the account instead of simply defaulting to a local one? Thanks.
0
Bluespring
Asked:
Bluespring
2 Solutions
 
lcitCommented:
On my particular computer, I'm running Vista Business and I am a local administrator.  Run gpedit.exe as administrator.  Look under Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options.  There are a couple of items in there like "User Account Control: Behavior of the elevation prompt..." The one for regular users on mine was set to "prompt for credentials" the one for admin users was set to "prompt for approval".  I changed that one to "prompt for credentials" and now when I right-click and Run as Administrator it prompts me for domain credentials.  Give that a shot.
0
 
balmasriCommented:
I couldn't override this problem except making a batch file contains runas command:
runas /u:domain\user mmc.exe
then I add the snap-in
0
 
balmasriCommented:
Did you find a way?
0
 
BluespringAuthor Commented:
The best answers I have are both of your suggestions. However, I still am not able to make it behave the way I was accustomed to in XP. If I make it prompt for credentials, it does so on all elevations, even for local operations(like opening something in the control panel). Typing out my username and password every time I do anything that trips UAC gets tedious quick. The run as command seems to work best for now, but I miss the ability to selectively prompt for credentials when elevating other programs as well(like IE or Explorer) to troubleshoot  domain user problems without having to make a custom command line shortcut for every app.

I suppose I'll just go back to remotely logging in to a Windows 2003 management box as Vista really has done a great job of screwing things up for admins with this UAC. This is really something they should have fixed in SP1. Thank you for your suggestions though.
0
 
ashutosh_kumarCommented:
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now