runas

The runas command was introduced with the Windows 2000 operating system.{{Cite web |title=MS-DOS and Windows command line runas command |url=https://www.computerhope.com/runas.htm |access-date=2024-07-04 |website=computerhope.com}} Any application can use this API to create a process with alternate credentials, for example, Windows Explorer in Windows 7 allows an application to be started under a different account if the shift key is held while right clicking its icon. The program has the ability to cache verified credentials so that the user only ever has to enter them once.

The command-syntax is:{{Cite web |title=Runas - Run under a different user account - Windows CMD - SS64.com |url=https://ss64.com/nt/runas.html |access-date=2024-07-04 |website=ss64.com}}

runas [{/profile | /noprofile}] [/env] [/netonly] [/smartcard] [/showtrustlevels] [/trustlevel:] [/savecred] /user: program

This section is paraphrased from the runas /? command.

• /noprofile: Speeds up the loading of the application by skipping the loading of the user's profile. Note that this might not speed up every application.
• /profile: Do not skip loading the user's profile. This is the default setting.
• /env: Use the actual environment, not the user's.
• /netonly: Specifies that the given credentials are to be used for Remote access only.
• /savecred: Credentials saved by the previous user. This setting is not available on Windows 7 Home or Windows 7 Starter Edition. This setting is left out from Windows XP Home Edition as well.
• /smartcard: Specifies that the credentials will be supplied from a smartcard.
• /user: Format is either USER@DOMAIN or DOMAIN\USER.
• /showtrustlevels: Shows help (list of usable trust level parameters) for the /trustlevel switch.
• /trustlevel: One of the trust levels listed by the /showtrustlevels switch.
• program: Command line for the executable file. See examples below.

Note: Only type in the user's password, when the system asks for it.

Note: The /profile switch is not compatible with the /netonly switch.

Note: The /savecred and the /smartcard switches may not be used together.

runas /noprofile /user:machine\administrator cmd

runas /profile /env /user:domain\admin "mmc %windir%\system32\dsa.msc"

runas /user:user@domain.example.org "notepad C:\filename.txt"

runas /user:administrator /savecred "shutdown /i"

The command is also included in the Inferno operating system.{{Cite web|url=http://inferno-os.org/inferno/man/1/runas.html|title = Inferno's RUNAS(1 )}}

runas writes the user to /dev/user and invokes cmd with the given arguments.

runas user cmd [arg...]

Note: The command is only invoked if setting of the username succeeds.

• Comparison of privilege authorization features
• sudo
• doas
• Principle of least privilege
• User Account Control, which disables the Administrator SID for the desktop, allowing it to re-enabled by exception.

{{Reflist}}

• {{Cite book|first=Æleen|last=Frisch|year=2001|title=Windows 2000 Commands Pocket Reference|publisher=O'Reilly|isbn=978-0-596-00148-3}}
• {{Cite book|first=William R.|last=Stanek|year=2008|title=Windows Command-Line Administrator's Pocket Consultant, 2nd Edition|publisher=Microsoft Press|isbn=978-0735622623}}

{{Wikibooks|Guide to Windows Commands}}

• [https://technet.microsoft.com/en-us/sysinternals/cc300361.aspx Sysinternals ShellRunas]
• [https://runas.eu Alternative Runas tools]
• {{man|1|runas|Inferno}}

{{Windows commands}}

Category:Operating system security

Category:Microcomputer software

Category:Computer security software

Category:Windows administration

Category:Inferno (operating system) commands