runas - egnomerator/misc GitHub Wiki

runas

References

runas reference | SO reference

The Command

Syntax:

(used below in Example Usage 1)

runas /user:domain\username program

or

(used below in Example Usage 2)

runas /netonly /user:domain\username program

(there are other command options)

Example Usage 1: Run SSMS as another user on the current machine

Note: equivalent UI option available

  • this can be accomplished through the UI by shift-right-clicking an application and choosing the "Run as different user" option
    • this context menu option seems to appear for executables and taskbar shortcuts but not start menu shortcuts
  • then provide the different user credentials

Usage:

runas /user:domain\username "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\Ssms.exe"

after running the runas command in CMD, SSMS opens with the normal modal for choosing a server

  • provide the server name
  • select Windows Authentication
    • notice that the User Name field value is the different user
  • it should successfully connect (assuming the user has access rights)
  • the server node will display the different user
  • similarly, after opening a new query window, the status bar will display the different user

Sanity Check in the new query window execute SELECT SUSER_NAME() to verify the current user context

  • the query result should verify that the user context it ran under was the different user

Example Usage 2: access a remote database via SSMS running locally

This requires the /netonly flag

  • this will cause the provided credentials to only be used for remote access

Note: equivalent UI option not available

  • the UI "Run as different user" context menu feature does not have an ability to designate only remote access

My use case

  • For work, I had to access a database on a server on a private network for which I had AD credentials but my local machine wasn't on that domain, and these AD credentials were required to access the database
  • While connected to the network via the VPN that my work required, I used the runas command from my local machine passing the AD credentials so that when I tried to access the server from SSMS with Windows Authentication, the AD credentials would be used

Usage:

runas /netonly /user:domain\username "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\Ssms.exe"

after running the runas command in CMD, SSMS opens with the normal modal for choosing a server

  • provide the server name
  • select Windows Authentication
    • notice that the User Name field value is still the local user and not the different user passed to the runas command
  • it should successfully connect (assuming the runas-provided user has access rights)
  • the server node will still display the local user
  • similarly, after opening a new query window, the status bar will display the local user

Sanity Check in the new query window execute SELECT SUSER_NAME() to verify the current user context

  • the query result should verify that the user context it ran under was the different user passed to the runas command

Difference Between Usages

  • The first example usage really does run the program as a different user
  • The second example usage, thanks to the /netonly flag, runs the program as the current user (as normal), but keeps the different user credentials for any time the program needs to perform remote access.
⚠️ **GitHub.com Fallback** ⚠️