RUNAS - CMD
Overview
RUNAS
is a command in Windows CMD that allows a user to run specific tools and programs with different permissions than the user’s current logon session. It is particularly useful for administrators who need to run applications under another user’s context or with elevated privileges without switching users or logging out. This command is vital for maintaining security and accessing restricted files or settings when needed.
Syntax
The basic syntax for RUNAS
is as follows:
RUNAS [/profile] [/env] [/netonly] [/smartcard] [/noprofile] [/showtrustlevels] [/trustlevel:<Level>] /user:<UserName> program
/profile
loads the user’s profile (default)./env
uses the current environment instead of the user’s./netonly
indicates the program is to be run on a remote system./smartcard
requires the use of a smart card./noprofile
specifies that the user’s profile should not be loaded./showtrustlevels
displays the trust levels that can be used with/trustlevel
./trustlevel
runs the program at a specific trust level./user
specifies the user context the command should run under.
<UserName>
should be in the format USER@DOMAIN
or DOMAIN\USER
.
program
refers to the command or executable you want to run with elevated privileges.
Options/Flags
/profile
: Loads the user’s profile. This ensures that the application runs with settings specific to the user./noprofile
: Does not load the user’s profile, which can speed up the execution time but might not retain user-specific settings./env
: Uses the current environment variables instead of the user’s./netonly
: Useful for accessing resources on another domain where credentials different from the local computer are needed./smartcard
: When executing commands that require Smart Card authentication./showtrustlevels
: Useful to view what levels of trust can be applied to processes./trustlevel
: Run the command at a specific trust level, such as “0x20000” (Standard User) or “0x40000” (Administrator).
Examples
1. Run Microsoft Management Console as an administrator:
RUNAS /user:administrator "mmc"
2. Run Notepad under a different user account within your network:
RUNAS /user:DOMAIN\UserName "notepad"
3. Open a command prompt with administrative privileges:
RUNAS /user:administrator "cmd"
Common Issues
- Access Denied: Ensure the user has the necessary rights to run the command and access the designated program.
- Incorrect Password: Double-check credentials as passwords must be entered correctly when prompted.
- User Profile Issues: Using
/noprofile
can solve issues where the user profile fails to load or is corrupted.
Integration
RUNAS
can be combined with batch scripts or other CMD commands to automate tasks under different user permissions:
RUNAS /user:admin "cmd /c del C:\test\file.txt"
RUNAS /user:admin /netonly /env "cmd /c gpupdate /force"
Related Commands
CMD
: Opens the command prompt window. Useful withRUNAS
to perform tasks with elevated privileges.GPUPDATE
: Refreshes policy settings; often run with administrative rights viaRUNAS
.
Explore Microsoft’s official documentation for more in-depth details and additional examples.