Including password in Su.exe or Runas
Here is the command syntax for TQCRunas:
>TqcRunAs [/profile] [/env] [/netonly] [/w] [/dd] [/dom <Domain>
/user <Username /pw <passwd> commandline
/profile to load the user profile.
/env to use the current environment variables.
/netonly use if the credentials will be used only for network access.
/w wait for the new process and return its exit code.
/dd use the default domain if exists, otherwise the local machine is used unless you specify other domain with /dom
/dom <Domain> use it if you want to specify a domain, by default the local machine is used
/user <Username>
/pw <Password>
program command line. See the examples
Examples:
>tqcrunas /profile /user administrator /pw passwd cmd
>tqcrunas /profile/env /user admin /pw passwd "mmc %windir%\system32\dsa.msc"
>tqcrunas /env /user user /pw passwd "notepad \"my file.txt\""
Including password in Su.exe or Runas
Hey you're right!! Here is a quick procedure i created for anyone who needs help.
1) Logon as the administrator account (local or domain)
2) Create a user LOCALLY named (whatever) password ******
3) Make (whatever) a LOCAL administrator
4) Go to the TQCrunas directory (where it was uncompressed)
5) Copy TQCrunas.exe into the c:\winnt directory of the computer you are working on.
6) Copy the TQCrunas.dll into the c:\winnt\system32 directory
7) Using dos, enter the system32 directory.
Type ?regsvr32 tqcrunas.dll?
You should see a confirmation
9) Now open MS DOS. Go to the root directory (cd \). Now use this command line to create your tqc file. Note, this command line will create an ENCRYPTED file that contains the command line.
TqcRunas -build (executablename).tqc -d (localcomputername) -user (whatever) -pw ????? -e C:\Location\of\executable.exe
10) Now there is a file named (executablename).tqc in your C
Directory. Copy that file into C:\Documents and Settings\All Users\Startup Menu. This will allow all users that sit down at this computer to run that program as a LOCAL ADMIN.
11) Before you log out, double click the file and point it to C:\winnt\
12) Now log out as the Administrator, log in as theuser, and test the .tqc file. It should work.
Thanks you very very much Mr. Moore!!!
Including password in Su.exe or Runas
As we all know, running legacy applications on windows 2000 is an absolute pain in the ***. I mean, if you dont have a problem giving people local ADMIN access, no problem right? Wrong. We went to windows 2000 to stop people from installing AOL (and a host of other crap) and we're not about to give people administrative access to the computers. We've spent to much money and man hours on support called because people were able to futz with their computers (win9
Fine. But now the issue of running these legacy programs (****, how about the latest version of dragon dictate? they REQUIRE the user have administrative access to their computers. and thats not even a legacy program!!! crappy software....) on windows 2000is beginning to really harrass us.
I know about runas.exe and started researching su.exe. What i really wanted to do is this.
Create a LOCAL admin on the computer (named runner). Then take a .bat file and have the .bat file run
"runas.exe /user:runner c:\folder\legacy.exe"
Obviously you dont want a .bat file to have a local administrator password embedded in it. I had planned to hand that .bat file over to our VB programmer and have him make it into an .exe (so people cannot see the PASSWORD). (****, i was even going to just rename the .bat to a .exe, change the icon, and boom. No-one would know the difference) But the problem is, runas.exe (and as far as I know su.exe) will NOT allow you to imbed the password in the command line. DOH.
If I can pull this off somehow, this information would come in VERY VERY handy to every win2k admin i KNOW. But I'm stuck at this point.
Any ideas?
Thanks!
-Ginel Lipan
public@lipan.org
MIS Dept.
This conversation is currently closed to new comments.