Link to home
Start Free TrialLog in
Avatar of odddball
odddball

asked on

Automatically run an application as another user

Specific users need to run a particular application.  However, the user can only be a "User" on the local workstation.  This application that needs to be run needs to run with an account that has "Administrator" privledges on the local workstation.  The "Run As" feature works, but we would like to not have the user know the administrator account.  Is there a way to automatically have an application (or shortcut, whatever) run with a specific account so that users do not need to know the account info?  So that when the User clicks the icon, it automatically runs with a Administrator (or different) account?

Thanks!
ASKER CERTIFIED SOLUTION
Avatar of flyingsky
flyingsky
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Todd Gerbert
Todd Gerbert
Flag of United States of America image
I use a small .Net program, that I wrote in C#, to start programs as another user without requiring the user to know the credentials.  In my case I store the the username and password in a plain text config file, which is a huge security no-no.  Encrypting it would help, but I think most security-concsious admins would still frown upon it.
Avatar of Todd Gerbert
Todd Gerbert
Flag of United States of America image
I would imagine there's something like this out there already, but here's a simple "runas" program that will accept a password on the command line.
using System;
using System.Windows.Forms;
using System.Diagnostics;

namespace MyRunAs
{
	static class Program
	{
		/// <summary>
		/// The main entry point for the application.
		/// </summary>
		[STAThread]
		static int Main(string[] args)
		{
			if (args.Length < 3)
			{
				Usage();
				return 1;
			}

			Process proc = new Process();

			for (int i = 3; i < args.Length; i++)
				proc.StartInfo.Arguments += args[i] + " ";

			proc.StartInfo.CreateNoWindow = false;

			string[] domainAndUser = args[1].Split('\\');
			if (domainAndUser.Length > 1)
			{
				proc.StartInfo.Domain = domainAndUser[0];
				proc.StartInfo.UserName = domainAndUser[1];
			}
			else
				proc.StartInfo.UserName = domainAndUser[0];

			proc.StartInfo.ErrorDialog = true;
			proc.StartInfo.FileName = args[0];

			proc.StartInfo.Password = new System.Security.SecureString();
			foreach (char c in args[2])
				proc.StartInfo.Password.AppendChar(c);

			proc.StartInfo.UseShellExecute = false;
			proc.StartInfo.WindowStyle = ProcessWindowStyle.Normal;

			try
			{
				proc.Start();
			}
			catch (Exception ex)
			{
				MessageBox.Show("Error:\r\n" + ex.Message);
				return 2;
			}

			return 0;
		}

		private static void Usage()
		{
			MessageBox.Show(String.Format(@"Usage:
{0} <command> <username> <password> [parameters]

Paramenters in <> brackets required, in [] brackets optional.
command: The command to run with alternate credentials.
username: The user to run command as, use DOMAIN\User format if necessary.
password: The password for username.", System.IO.Path.GetFileName(Application.ExecutablePath)));
		}
	}
}

Open in new window