#394 Run as user - netonly

open
nobody
None
5
2013-01-30
2013-01-30
kimstie
No

I work in an environment with multiple domains without trust, and I run many prompts in different contexts. normally I start them by the command: runas /netonly /user:someuser@somedomain.local cmd
I would love a feature where you could click that the "Run as user", would be with the netonly parameter.

Discussion

  • chrisz
    chrisz
    2013-02-09

    Hi,
    You can try this version https://truck.it/p/YbeBZt4nnC
    I added "Net only" option.

     
  • kimstie
    kimstie
    2013-02-09

    Hey, I tried the version you made, but I cannot seem to get it to work as intended, when using the net only option I get the following error:
    ---------------------------
    Error
    ---------------------------
    Unable to create shared objects (reason:No mapping between account names and security IDs was done.
    )!
    ---------------------------
    OK
    ---------------------------

     
  • chrisz
    chrisz
    2013-02-10

    You must specify the user like this : domain\user

    UNC user names (user@domain) can't be used used
    MSDN:
    A trustee name can have any of the following formats:
    ...
    A domain account, such as "domain1\xyz".
    ...

    I can fix this by replacing the username from UNC to domain\user form if the username contains @.

     
  • kimstie
    kimstie
    2013-02-10

    I experimented a bit with this now. If I use the net only, with a domain with trust, the following will happen http://i.imgur.com/xY6mLmI.png The new prompt that pops out, is indeed running in the context specified in settings. This happens no matter what domain notation I use (user@domain or domain\user).

    If I try to use it with a domain without trust, the "Unable to create shared object error" will appear. No matter what domain notation I use.

    I do not know if it is even possible to do this in your app, but thanks a bunch for trying :D

    Bonus info: I do not know how you are implementing this, but you should know that when you use the windows command "runas /netonly", then it does not validate the credentials when starting the prompt, hence why this is possible to a domain without trust.

     
  • chrisz
    chrisz
    2013-02-11

    it is possible :-)
    now at work, I can test with domains ...
    I have fixed problems in the repository:
    https://github.com/cbucher/console

    I can build a beta in few days (I am on the move).

     
  • kimstie
    kimstie
    2013-02-11

    That's cool, no rush. I'll wait for the new beta, I don't know how to compile myself :)

     
  • chrisz
    chrisz
    2013-02-14

    this beta should work: https://truck.it/p/vnyHVYgRE5

     
  • kimstie
    kimstie
    2013-02-15

    Thanks a bunch cbucher, it works like a charm! Great feature, for me at least :)