I often run cmd shell using runas with multiple domain accounts, how could I get the domain name from the shell that was running under a different domain account?
Example:
C:\>echo %userdomain%
DOMAIN1
C:\>runas /netonly /user:DOMAIN2\USER cmd
Enter the password for DOMAIN2\USER:
Attempting to start cmd as user "DOMAIN2\USER" ...
Now on the new shell which is running as DOMAIN2\USER still gives me the %userdomain% output as DOMAIN1. Is there a way I could get the domain of runas account?
This is the expected behavior of RunAs when used with the /netonly parameter.
Using /netonly allows you to run your command/application/shell with your user (DOMAIN1\USER), while authenticating over the network with another user (DOMAIN2\USER).
From Microsoft Documentation:
/netonly Indicates that the user information specified is for remote access only. This parameter cannot be used with the /profile parameter.
You can however open the new cmd.exe prompt with a command that will set a variable you can then use... for example:
runas /netonly /user:DOMAIN2\USER "cmd /K SET NETONLYUSER=DOMAIN2\USER"
So you can access this variable in the new cmd.exe with %NETONLYUSER%
Related
I am writing a Dockerfile on top of mcr.microsoft.com/windows/servercore which is supposed to run a script in administrator mode and then start CMD. The CMD shell should not be elevated. How do I achieve the same?
If I add USER ContainerAdministrator to my Dockerfile, the first script is run without any issues but the CMD shell is then elevated.
The other option might have been to use USER ContainerAdministrator and then spawn CMD with runas /user:ContainerUser, but runas needs password to be entered via a prompt (or using /savecred but that won't work here), so it's not possible either.
Thanks in advance!
I have a script which has to run from an administrator level powershell/cmd prompt
Why? Because it has to use logman to get windows counters
Problem: The software for which I want to log the windows counters for has to be started with regular user level rights.
I've seen that there are lots of examples on how to run as Administrator
I don't see any on running as Regular User
Launch exe file
Start Logman (Admin level)
Run Bat File to Open Program
Bat File should run with regular user level priv's
I had a look at using RUNAS but that requires password entry, which I don't want.
Is there some other way on windows to delevate?
you could use psexec
psexec -l powershell.exe -executionpolicy unrestricted -noexit -file c:\temp\checkelevated.ps1
-l : Run process as limited user (strips the Administrators group and allows only privileges assigned to the Users group). On Windows Vista the process runs with Low Integrity.
I have a program set to launch automatically via a runas savecred command and would like to make it so that it doesn't prompt me for the password for each login
On Windows 10, I have a command shortcut in startup to launch a program as a different user than I am logging into the computer with. With the runas savecred switch, it still prompts for the password at each login in the commmand prompt
C:\Windows\System32\runas.exe /savecred /user:DOMAIN\USERNAME "mmc %windir%\system32\dsa.msc"
I would like for it to simply launch the application every time I log into windows. It currently prompts me for the password when the command runs. Does the savecred credentials get deleted when you log out of Windows?
This is old, but try adding /persistent:yes
The short and skinny is that I am trying to create a script for a self serve password reset script that can be delivered via our remote application program (in this case, 2X).
The current iteration of my script is as follows:
#ECHO OFF
SET passchange=%username%
ECHO Changing password for %passchange%
runas /profile /user:administrator "net user %passchange% * /domain"
PAUSE
I arrived at the current iteration because net user on its own returned "System Error 5 has occurred. Access Denied." As a result I am attempting to elevate the command using runas.
That elevation is also why I'm attempting to map a custom variable to a system variable, as when using runas, %username% maps to administrator instead of the logged in user. So what I'd like to do is find some way to lock that %passchange% variable.
Or maybe there's a better way to accomplish this so that it can be run as the user without the runas method of elevation? We do not plan to give users admin rights. Unless this is another permission issue?
I'd like to run a windows application in the context of another user. I have an administrator and several user accounts in one machine and I would like to have the administrator start certain applications for each user account (preferably using shell commands).
I tried the runas command but that appears to run in the administrator session as the specified user. I want to run the application as the user session in the user context (hope that makes sense).
For example, using user administrator I would like to start notepad.exe so that user1 (logged in) can see it appear onscreen. Is that possible?
You can use PsExec for this : http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
use with argument : -i Run the program so that it interacts with the desktop of the specified session on the remote system. If no session is specified the process runs in the console session.
ex. This will start IE on other computer
psexec \client -i "c:\program files\internet explorer\iexplore.exe"
/René