Execute a program under a different user account.
Syntax
RUNAS [/profile] [/env] [/netonly] /user:user Program
Key
/profile Option to load the user's profile (registry)
/env Use current environment instead of user's.
/netonly Use if the credentials specified are for RAS only.
/user Username in form USER@DOMAIN or DOMAIN\USER
(USER@DOMAIN is not compatible with /netonly)
Program The command to execute
Examples:
runas /profile /user:mymachine\administrator CMD
runas /profile /env /user:SCOT_DOMAIN\administrator NOTEPAD
runas /env /user:jDoe@swest.ss64.com "NOTEPAD \"my file.txt\""
Enter the password when prompted.
RunAs from the Windows explorer GUI
Select an executable file, Shift-Right-click and select Run As..
This option can be hidden by setting
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HideRunAsVerb=1
ErrorLevel
The error level (%ERRORLEVEL%) returned by RunAs is not consistent between operating systems
In Windows 2000: success=1, failure=0
In Windows XP and above: success=0, failure=1
Example
RUNAS /user:SCOT_DOMAIN\jDoe"mycommand.exe"
RunAs Reqires the "Secondary Logon" service to be running.
“He who reigns within himself, and rules passions, desires, and fears, is more than a king” - Milton
Related:
AT - Run a command on a remote machine (at a scheduled
time)
Aaron Margosis - Running with least privilege
joeware.net - CPAU (Create Process
As User) like RunAs but with an options to encrypt the password.
PsExec - Execute process remotely
Powershell: you can run an entire powershell session via RunAs to elevate your permissions.
Equivalent bash command (Linux): SU - Switch User
