Execute a program under a different user account.
Syntax
RUNAS [/profile] [/env] [/netonly] /user:user Program
Key
/profile Option to load the user's profile (registry)
/env Use current environment instead of user's.
/netonly Use the credentials specified only for remote connections.
/user Username in form USER@DOMAIN or DOMAIN\USER
(USER@DOMAIN is not compatible with /netonly)
Program The command to execute
Enter the password when prompted.
When you start a program with RunAs /netonly, the program will execute on your local computer as the user you are currently logged on as, but any connections to other computers on the network will be made using the user account specified.
Without /netonly everything will run under the user account specified.
RunAs from Windows Explorer
Select an executable file, Shift-Right-click and select Run As..
This option can be hidden by setting
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HideRunAsVerb=1
ErrorLevel
The error level (%ERRORLEVEL%) returned by RunAs in Windows XP and above: success=0, failure=1
Examples
Runas /user:SCOT_DOMAIN\jDoe "mycommand.exe" Runas /profile /user:mymachine\administrator CMD Runas /profile /env /user:SCOT_DOMAIN\administrator NOTEPAD Runas /env /user:jDoe@swest.ss64.com "NOTEPAD \"my file.txt\""
RunAs Reqires the "Secondary Logon" service to be running.
“He who reigns within himself, and rules passions, desires, and fears, is more than a king” - Milton
Related:
AT - Run a command on a remote machine (at a scheduled
time)
Aaron Margosis - Running with least privilege
joeware.net - CPAU (Create Process
As User) like RunAs but with an options to encrypt the password.
PsExec - Execute process remotely
Powershell: you can run an entire powershell session via RunAs to elevate your permissions.
Equivalent bash command (Linux): SU - Switch User
