netonly switch of runas to run a program while impersonating a domain user even if the computer you're on is not joined to the domain. E.g.:
runas /netonly /u:domain\user notepad.exe
The command will use your credentials to run the program, but the domain user's credentials when authenticating over the network. It's really handy.
Recently I tried to do this with a program that is sensitive to the current working directory. Unfortunately, runas will set the working directory to %WINDIR%\System32 when impersonating. I discovered that you can work around this issue with the following command line.
runas /netonly /u:domain\user "cmd /c \"cd \"%CD%\" ^& program"
There are few details involved in this command:
- The
%CD%environment variable expands to the current working directory. Note that this variable expansion takes place before the entire command begins to execute, so it's expanded to the current working directory of therunascommand. - To escape quotes in the
runascommand parameter, you use\". This is only unusual in the sense that all Windows command line programs escape special characters in a different way, andrunasis unique in having an ordinary way of escaping quotes. - To run multiple commands in one line, you use an ampersand (i.e.
command1 & command2). Since we're passing this as an argument tocmd /c, we need to escape the&.cmduses the^(the caret) to escape ampersands and other special characters.
P.S. Knowing about %CD% is very useful if you use the command line in Windows a lot. For example, if you want to copy the current directory to the clipboard, you can use echo %CD% | clip.
Unrelated but also useful: if you want to copy the full path of some files in the current directory, you can use the command dir /b /s *.txt | clip.
No comments:
Post a Comment