Microsoft, Windows, XP - Runas without loading elevated user settings
Posted on 2007-12-04
Is it possible to use 'runas' to gain elevated privs to an app AND retain the current profile/HKCU/env/settings etc?
This is the scenario.
In a corp environment there are a number of end users who have limited access to Internet Explorer settings tabs (i.e. tools, internet options)
A website these users need is poorly written and uses unsigned activex content, which these users are unable to download due to restrictions in group policy, which I have no direct access to.
I can move the user accounts to an different organisational unit in AD which through GP grants access to these extra tabs, then change the setting I want in IE, then move the user account back to the original OU and gpupdate on the client machine, but its messy, and I want to make this easier, and do-able by the service desk.
I was hoping to use runas, but what I have read so far implies that the runas user account settings are loaded, stopping me from changing the current users settings.
I thought that the runas qualifiers '/noprofile' or '/env' would help, but I dont believe they do.
Is there a way round, or is this just the limitations of the runas command, and if so, can anyone suggest a work around?