/build/static/layout/Breadcrumb_cap_w.png

Runas command

Is there a way to include the password in the command string or turn off the prompt for password? I am trying to run a command that our users are not allowed to run but I get prompted for a password during the execution of the bat file.

0 Comments   [ + ] Show comments

Answers (5)

Posted by: cdupuis 20 years ago
Third Degree Green Belt
0
Use AutoIT, that way you can script the password into it, you can even compile it exe with a password for decopmpile so your password stays safe. AutoIT has a PasWait command, that is what you need.
Posted by: jbonbright 20 years ago
Senior Yellow Belt
0
There's a great utility out there that does this - cpau.exe. It's available at http://weblogs.asp.net/bhouse/articles/27986.aspx. You basically run this from a command line, just like runas, so it works great in scripts.

Here's how you would use cpau.exe to run regedit as local administrator on a local machine named \\computer with the password "password":

cpau –u computer\administrator –p password –ex regedit.exe –profile

I'd recommend reading the documentation before using. Oh, and you may want to send the guy a small donation as gratitude, if you like it.
Posted by: jbonbright 20 years ago
Senior Yellow Belt
0
One thing else I should mention: cpau.exe will only work on systems that support runas - i.e. Windows 2000, XP, and 2003. It will NOT work on NT.

Here's a better link to the download page for cpau: http://www.joeware.net/win/free/tools/cpau.htm
Posted by: bkelly 20 years ago
Red Belt
0
Another solution is to use the Script Packager feature of the Admin Script Editor: http://www.adminscripteditor.com/editor/scriptpackager/

This provides "RunAs" functionality (but does not actually use the RunAs utility itself). What you can do is create an encrypted executable out of your script (with any resource files you may need) and what you can do is specify the credentials under which the executable should run. Not only that, but the source files are protected by EFS and NTFS security during execution. If you wanted to put a password in the script, it would be pretty safe- but you don't even need to because you can specify the account the executable is to use at the time you create it in the editor.

Also has a really cool WMI wizard worth checking out: http://www.adminscripteditor.com/editor/wmiwizard/
Posted by: aogilmor 20 years ago
9th Degree Black Belt
0
I've done this before:

A further security by obscurity technique would be to pass the ASC{} character as a number.

I guess no method of providing a password from a file is truly secure, but you can make it harder [;)]

Also, you have to consider maintainability - if the admin password changes your script breaks.


ORIGINAL: cdupuis

Use AutoIT, that way you can script the password into it, you can even compile it exe with a password for decopmpile so your password stays safe. AutoIT has a PasWait command, that is what you need.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ