[nltung]

Hello everybody,
I'm actually using Windows Server 2003 (for personal use only), but I think the concept should be the same with Windows XP. As a good security practice, I only log in with my normal user account and carry out the installation routines with the command "run as" (right click on an .exe file). But when I have to config a particular option in windows, most of them are in control panel, there is no such "run as" option k , and the only thinng I can do is logging of which is pretty disturbing (windows server 2003 doesn't support fast user switching, does it ??? If it does please give me a hint )

Even when I try to do it with the command line : "runas /user:Administrator control", after correctly entered the passoword it showed me "Attempting to start control as user .." and went back to the command prompt without any error message
I also tried to create a shortcut of the control panel and used the right click run as thing, entered the password and also not thing happened. The same with Windows Explorer

Can anybody help me out
Thanks so much in advance

[moper]

On the control panel items, try holding down 'Shift' as you right click an item. Does 'Run As' now appear in the dialog box?



moper

[techkid]

Do a search for CPL files (Start > Search. In the filename box, type *.cpl). You have the options for Run As there.

As far as I know, this is the only way to do it.

[nltung]

@moper : Thanks for the tip , it worked on control panel. But still I cannot open Windows Explorer with the administrator account, although it does provide the "run as" option but as I described above : after successfully entered the admin-password nothing happened, windows explorer even didn't show up (no error message at all ) . Without administrator rights I cannot format a drive for example.

@techkid : I didn't try it but I think it should be the same principle like what moper suggested.

By the way, I would like to ask if some of you also use windows under normal user account ?. I am also using windows vista and the "run as" concept here work pretty well, I don't even have to choose "run as" option, whenever a application need an admin rights, vista will ask me for it.

But in windows server 2003 it is relative troublesome, besides the problems I mentioned above, some applications don't seem to work correctly under normal user account, some don't work at all and I need to use the "run as" option, and some don't even work with the "run as" option (they don't show up at all like windows explorer and control panel) --> The only way is logging off and log on with the admin account, what a nuisance

I dont want to give my current account administrator rights because of security reason (I dont have an antivirus program, there isn't any free antivirus for windows server). So it would be great if you can share me your experience

[Elvandil]

Use the Run box. For Control Panel run control.exe, or the specific applet, desk.cpl, for example.

[nltung]

But how ? I've even tried with command line "runas /user:Administrator explorer" for example, but it doesn't work, the explorer windows didn't showed. Run box is essentially the same like command line, and only entering control.exe , desk.cpl,...whatever doesn't give me administrator rights. I've solved the problem with control panel, the only one remains is with windows explorer.

[Elvandil]

Go to Start and type:
cmd
in the Search box. Hold down Ctrl+Shift and click Enter. A window will open with Admin privileges.

[moper]

Have you tried this. Create a shortcut on the desktop for Windows Explorer. In the 'Properties' box, click 'Advanced. Click, 'Run with different credentials'.
You can also do that for 'cmd'.


moper

[nltung]

Thank you all !!! I've solved the problem

[DeeDeeRamone]

Quote:

Originally Posted by nltung

Thank you all !!! I've solved the problem

Hi

I have Windows 2003 Server at work and OpenSUSE 10.2 at home.

In OpenSuSE 10.2 since years ago is normal to run programs as root from a normal user account. Is very easy. Also you can open the console as root and you will run all commands as root from there.

This tool is completly necessary if you want to have your system protect against viruses and other attacks.

I login in Windows 2003 Server as normal user (as in all linux) and I want to run commands with administrator rights.

I've find a half solution: you can click right button in the selected menu's program and choose "Run as ...", but this half solution does not work in all options from menu. And for the most important program: explorer.exe neither works.

Also you need click right mouse button with the shift key down to choose "Run as ..." in the Control panel, but neither this option work in all control panel programs (the more important for me "net's connections" doesn't work this way).

Somebody can tell me why you cannot do it with all programs?

This is a very big botched job from M$. Is prone to login as administrator and get viruses in your computer (you cannot login as root in linux or you get a message recommending do not do it).

I think that M$ likes that viruses spread around the world, if not, I cannot understand why you cannot run all programs with administrator rigths from a normal user account. Is a basic security law.

I tried all options in this thread and none of them solved the problem.

@moper: I created the shortcut on the desktop, but I cannot choose "run with different credentials", this option is grayed.

@Elvandil: I cannot understand you mean: "type cmd in the search box". I tried to type cmd in the search menu option and "Hold down Ctrl+Shift and click Enter" and nothing happens. By the way, is not a solution to open cmd with administrator's rigths. I did it and I cannot run explorer.exe.

@nltung: Could you tell us how you solved it, please?


Thanks in advance,
DeeDeeRamone.

[CybrToad]

Found this elsewhere on the web and it worked in our environment: The account that you are trying to log in as using the runas command must have the Launch folder windows in a separate process box checked under folder options.

This registry entry will make the desired change:

Windows Registry Editor Version 5.00
[HKEY_USERS\S-1-5-21-1651861488-2582805145-918277505-2105\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced]
"SeparateProcess"=dword:00000001

[DeeDeeRamone]

Very thanks for your reply.

I've found a web site with a very good explanation about it:
http://urpiano.wordpress.com/2006/02/25/15/


Regards.

[DeeDeeRamone]

Sorry, it is in Spanish.

I think you can understand the windows commands.

You can try to translate at Google.

Regards.