Thursday, April 20, 2006

runas without domain trusts

Being a consultant, I often work from my own laptop on my customers computers. This often results in a lot of commands like these -
net use \\server\ipc$ /user:custdomain\account

Recently, I discovered, that I could actually create a new process with runas and use my customer credentials from that process. The trick is the /netonly argument. If I do a -
runas /user:custdomain\account /netonly cmd
I end up with a command prompt running as my normal user. But when I access network resources from that command prompt - or any child processes - I do it with my customer credentials. Needless to say, this saves a lot of tedious work.

Remember that if you do somethings, that invokes Explorer, you are often back to your default credentials - read more here.

When you use /netonly, you can actually specify any domain\user you like. The security check will - as always - be made when you try to access a resource.

2 comments:

Anonymous said...

Incredibly useful tip. Been struggling with this for a while myself and stumbled on this which saved me many hours work

Unknown said...

Epic save!! I'm VPN'd into work working on an unjoined, home PC and the aforementioned /netonly switch allowed me to run a command prompt with my domain admin credentials, instead of my default credentials of my home OS. Great tip, and helpful tip bonus in the point that invoking explorer.exe will often run as default credentials. Exactly what I needed!