Active Directory/Documentation/Admin Shortcuts

From WolfTech
Jump to navigation Jump to search

It is a good security practice not to use an OU Admin account for everyday computing. However, this can make the administration of your network a pain. Fortunately, the runas command allows you to run programs that need OU Admin priveleges while logged in as a normal domain user.

The following shows how to runas common OU Admin tools. Simply create a new shortcut, using the below path as the Target and change <userid> to your userid. When you run the shortcut, you will be prompted to type your password, then the tool will launch using the alternate credentials.

  • Generic Admin CMD prompt
 %windir%\system32\runas.exe /user:wolftech\<userid>.admin "cmd"
  • Generic MMC (build your own toolbox)
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc"
  • Active Directory Users and Computers
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc %windir%\system32\dsa.msc"
  • Group Policy Management Console
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc %windir%\system32\gpmc.msc"
  • Computer Management Console
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc %windir%\system32\compmgmt.msc"
  • Offer Unsolicited Remote Assistance
C:\WINDOWS\system32\runas.exe /NETONLY /user:wolftech\<userid>.admin 
"%windir%\PCHEALTH\HELPCTR\Binaries\helpctr /url 
  • In Vista (within the admin cmd prompt):
msra /expert
  • Shell Run As: (get gui right click change user back in vista):