Active Directory/Documentation/Admin Shortcuts

From WolfTech
Jump to navigation Jump to search

It is a good security practice not to use an OU Admin account for everyday computing. However, this can make the administration of your network a pain. Fortunately, the runas command allows you to run programs that need OU Admin priveleges while logged in as a normal domain user.

The following shows how to runas common OU Admin tools. Simply create a new shortcut, using the below path as the Target and change <userid> to your userid. When you run the shortcut, you will be prompted to type your password, then the tool will launch using the alternate credentials.

  • Generic Admin CMD prompt
 %windir%\system32\runas.exe /user:wolftech\<userid>.admin "cmd"
  • Generic MMC (build your own toolbox)
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc"
  • Active Directory Users and Computers
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc %windir%\system32\dsa.msc"
  • Group Policy Management Console
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc %windir%\system32\gpmc.msc"
  • Computer Management Console
%windir%\system32\runas.exe /user:wolftech\<userid>.admin "mmc %windir%\system32\compmgmt.msc"
  • Offer Unsolicited Remote Assistance
C:\WINDOWS\system32\runas.exe /NETONLY /user:wolftech\<userid>.admin 
"%windir%\PCHEALTH\HELPCTR\Binaries\helpctr /url 
hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/
Escalation/Unsolicited/unsolicitedrcui.htm"
  • In Vista (within the admin cmd prompt):
msra /expert
  • Shell Run As: (get gui right click change user back in vista):

http://www.wolftech.ncsu.edu/support/support/Active_Directory/Documentation/ShellRunAs


Notes