Logon & Auth
To start an
application using the "Run As" command from with
in the Explorer Graphic Shell, press "Shift" as
you right click the executable or shortcut. You'll see the
"Run as" option appear in the pop up menu.
2000 Secondary Logon (Run As)
It is good
practice for administrators to use an account with restrictive
permissions to perform routine, non-administrative tasks, and to use
an account with broader permissions only when performing specific
administrative tasks. To accomplish this without logging off and
back on, log on with a regular user account and use the runas
command to run the tools that require the broader permissions.
HOW TO: Use the Run as Command to Start a Program as an Administrator
Microsoft Knowledge Base Article: 301634 - This step-by-step article
describes how to use the Run as
Secondary Logon (Run As): Starting Programs and Tools in Local Administrative Context
Microsoft Knowledge Base Article: 225035 - Windows 2000 secondary logon allows administrators to log on with a non-administrative account and still be able to perform administrative tasks (without logging off) by running trusted administrative programs in administrative contexts.
Step-by-Step Guide to Using Secondary Logon in Windows 2000
This technical step-by-step guide provides examples of using the
secondary logon feature, the Run as service, in the Windows® 2000
operating system. Secondary logon allows administrators to avoid
having to log on with an administrative account for each task.
Instead, secondary logon enables administrators to log on with an
ordinary user account and then start trusted administrative tools in
the context of the administrator's account without logging off. A user
with multiple credentials can start applications under different
credentials without needing to log off.. Source: Microsoft.com (March 3, 2000)
Windows 2000's Run As Command
Using Windows 2000's Run As Command Windows
2000 (Win2K) includes a Run As command that lets you log on as one
user (e.g., a member of the Users group) and run programs as a
different user (e.g., a member of the Administrators group).
Fortunately, Win2K's Run As command helps you minimize the risks to
your administrator account. Run As to the Rescue With the Run As
command, you can log on to your computer with a standard user account
and run ...
Excerpted from the Windows 2000 Online
To start an instance of the Windows 2000
command prompt as an administrator on the local computer, type:
When prompted, type the
To start an instance of the Computer
Management snap-in using a domain administrator account called companydomain\domainadmin,
/user:companydomain\domainadmin "mmc %windir%\system32\compmgmt.msc"
When prompted, type the
To start an instance of Notepad using a
domain administrator account called user in a domain called domain.microsoft.com,
/user:firstname.lastname@example.org "notepad my_file.txt" When
prompted, type the account password.
To start an instance of a command
prompt window, saved MMC console, Control Panel item, or program that
will administer a server in another forest, type:
/netonly /user:domain\username "command" domain\username
must be a user with sufficient permissions to administer the server.
When prompted, type the account password.
Cannot Use Run As with Share Folder Snap-in
Microsoft Knowledge Base Article: 279168 - When you try to remotely share a folder by using the Shared Folders snap-in, you may be unable to share a remote computer's folder, and you may receive the following error
message: Share name share name to be created
is invalid NOTE: This error message only occurs when you
use the Run As feature of the MMC console.
Cmd.exe Shortcut Does Not Have Same "Run as" Behavior as Command Line
Microsoft Knowledge Base Article: 258948 -
When you use the Run as command from a Microsoft default shortcut whose Start in value is set to "%HOMEDRIVE%%HOMEPATH%" (a common default for shortcuts created by Windows 2000), the command does not work and generates a "The
directory name is invalid" error message. This can occur if the
primary user's account has a home folder that is mapped from a server
share, on which the secondary user (usually the local administrator)
does not have privileges
RUNAS Command Does Not Work with UPN or Plain User Name
Microsoft Knowledge Base Article: 272472 - After you install Windows 2000 Service Pack 1, the
the runas command may not work correctly (whether you use the
command from a command prompt or in a script).
"Run As" Has Inappropriate Localization of "Administrator"
Microsoft Knowledge Base Article: 258163 - In the Multilanguage version of Windows 2000 Professional or Server, if you select a language other than English for
the Menus and Dialogs setting, the Run As command (and
other parts of the graphical user interface that present a secondary
logon prompt) places the localized Administrator string in the User
Name box rather than the system-defined (default English) name of
the local administrator account. Because the account name (for
example, "Administrateur") is not recognized, any password
you use is not a valid password. If you change the localized
administrator account to the English "Administrator"
account, the password is recognized.
Runas Utility Uses Default Profile When Invoked from Command Prompt If Not Using the /profile Switch
Microsoft Knowledge Base Article: 254094 - When you use the Runas utility without
the the /profile option from a command prompt, the default user
profile is used instead of the profile of the impersonated user.
Windows 2000 Secondary Logon (Run As) Does Not Work from a Domain Controller
Microsoft Knowledge Base Article: 244429 - When you type a valid user name and password in the
the Run As Other User dialog box on a domain controller, you
may receive the following error message: Unable
to logon: Logon failure: unknown user name or bad password.
© 1999-2003 LabMice.net and TechTarget
All rights reserved
This site and its contents are Copyright 1999-2003 by LabMice.net. Microsoft, NT, BackOffice, MCSE, and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is
affiliated with LabMice.net. The products referenced in this site are provided by parties other than LabMice.net. LabMice.net makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be
directed to the appropriate manufacturer or vendor.