{
	"id": "650eda55-1817-4b4c-9593-d612080c364a",
	"created_at": "2026-04-06T00:18:23.177587Z",
	"updated_at": "2026-04-10T03:21:20.442723Z",
	"deleted_at": null,
	"sha1_hash": "6ddbe090bfa28ecf8e6657f8ea15c1283069f683",
	"title": "Runas",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 54950,
	"plain_text": "Runas\r\nBy Archiveddocs\r\nArchived: 2026-04-05 22:32:22 UTC\r\nApplies To: Windows Server 2003, Windows Vista, Windows XP, Windows HPC Server 2008 R2, Windows\r\nServer 2008, Windows 7, Windows Server 2003 R2, Windows Server 2000, Windows Server 2012, Windows\r\nServer 2003 with SP1, Windows 8\r\nAllows a user to run specific tools and programs with different permissions than the user's current logon provides.\r\nRunas is a command-line tool that is built into Windows Vista. To use runas at the command line, open a\r\ncommand prompt, type runas with the appropriate parameters, and then press ENTER.\r\nIn the user interface for Windows Vista, the Run as… command has been changed to Run as administrator.\r\nHowever, you should rarely have to use the Run as administrator command because Windows Vista will\r\nautomatically prompt you for an administrator password when it is needed.\r\nFor examples of how this command can be used, see Examples.\r\nrunas [{/profile | /noprofile}] [/env] [{/netonly | /savecred}] [/smartcard] [/showtrustlevels] [/trustlevel] /\r\nParameter Description\r\n/profile\r\nLoads the user's profile. This is the default. This parameter cannot be\r\nused with the /netonly parameter.\r\n/no profile\r\nSpecifies that the user's profile is not to be loaded. This allows the\r\napplication to load more quickly, but it can also cause a malfunction in\r\nsome applications.\r\n/env\r\nSpecifies that the current network environment be used instead of the\r\nuser's local environment.\r\n/netonly\r\nIndicates that the user information specified is for remote access only.\r\nThis parameter cannot be used with the /profile parameter.\r\nhttps://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771525(v=ws.11)\r\nPage 1 of 4\n\nParameter Description\r\n/savecred\r\nIndicates if the credentials have been previously saved by this user. This\r\nparameter is not available and will be ignored on Windows Vista Home\r\nor Windows Vista Starter Editions. This parameter cannot be used with\r\nthe /smartcard parameter.\r\n/smartcard\r\nIndicates whether the credentials are to be supplied from a smartcard.\r\nThis parameter cannot be used with the /savecred parameter.\r\n/showtrustlevels Displays the trust levels that can be used as arguments to /trustlevel.\r\n/trustlevel\r\nSpecifies the level of authorization at which the application is to run.\r\nUse /showtrustlevels to see the trust levels available.\r\n/user:\u003cUserAccountName\u003e \"\r\n\u003cProgramName\u003e\r\n\u003cPathToProgramFile\u003e\"\r\nSpecifies the name of the user account under which to run the program,\r\nthe program name, and the path to the program file. The user account\r\nname format should be \u003cUser\u003e@\u003cDomain\u003e or \u003cDomain\u003e\\\r\n\u003cUserAccountName\u003e.\r\n/? Displays help at the command prompt.\r\nEnter the user's password only when prompted.\r\nIt is good practice for administrators to use an account with restrictive permissions to perform routine,\r\nnonadministrative tasks, and to use an account with broader permissions only when performing specific\r\nadministrative tasks. To accomplish this without logging off and back on, log on with a regular user\r\naccount, and then use the runas command to run the tools that require the broader permissions.\r\nThe use of runas is not restricted to administrator accounts, although that is the most common use. Any\r\nuser with multiple accounts can use runas to run a program, MMC console, or Control Panel item with\r\nalternate credentials.\r\nIf you want to use the Administrator account on your computer, for the /user: parameter, type one of the\r\nfollowing:\r\n**/user:\u003c**AdministratorAccountName\u003e@\u003cComputerName\u003e\r\nhttps://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771525(v=ws.11)\r\nPage 2 of 4\n\n**/user:\u003cComputerName\u003e\\\u003c**AdministratorAccountName\u003e\r\nIf you want to use this command as a domain administrator, type one of the following:\r\n**/user:\u003cAdministratorAccountName\u003e@\u003c**DomainName\u003e\r\n**/user:\u003c**DomainName\u003e\\\u003cAdministratorAccountName\u003e\r\nWith the runas command, you can run programs (*.exe), saved MMC consoles (*.msc), shortcuts to\r\nprograms and saved MMC consoles, and Control Panel items. You can run them as an administrator while\r\nyou are logged on to your computer as a member of another group, such as the Users or Power Users\r\ngroup.\r\nYou can use the runas command to start any program, MMC console, or Control Panel item. As long as\r\nyou provide the appropriate user account and password information, the user account has the ability to log\r\non to the computer, and the program, MMC console, or Control Panel item is available on the system and\r\nto the user account.\r\nWith the runas command, you can administer a server in another domain or forest (the computer from\r\nwhich you run a tool and the server you administer are in different domains or forests).\r\nIf you try to start a program, MMC console, or Control Panel item from a network location using runas, it\r\nmight fail because the credentials used to connect to the shared network resource are different from the\r\ncredentials used to start the program. The latter credentials may not be able to gain access to the same\r\nshared network resource.\r\nSome items, such as the Printers folder and desktop items, are opened indirectly and cannot be started with\r\nthe runas command.\r\nIf the runas command fails, the Secondary Logon service might not be running or the user account you\r\nare using might not be valid. To check the status of the Secondary Logon service, in Computer\r\nManagement, click Services and Applications, and then click Services. To test the user account, try\r\nlogging on to the appropriate domain using the account.\r\nGroup Policy is not processed for the user whose credentials are supplied to the runas command. This is\r\nby design. The runas command can load the user profile of the secondary user whose identity is being used\r\nto create the process, and that user profile may contain registry keys and values from previous interactive\r\nlogons when Group Policy was processed for that user. However, the runas command also contains a\r\n/noprofile switch that bypasses the loading of the user profile, so that behavior should not be relied upon.\r\nUser GPO is only processed for users who log on interactively to their own desktops by using the logon\r\nuser interface.\r\nThe following command starts an instance of the command prompt as an administrator on the local computer:\r\nrunas /user:\u003clocalmachinename\u003e\\administrator cmd\r\nhttps://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771525(v=ws.11)\r\nPage 3 of 4\n\nWhen prompted, type the administrator account password.\r\nThe following command starts an instance of the Computer Management snap-in using a domain administrator\r\naccount called contoso\\domainadmin:\r\nrunas /user:contoso\\domainadmin \"mmc %windir%\\system32\\compmgmt.msc\"\r\nWhen prompted, type the domain administrator account password.\r\nThe following command starts an instance of Notepad (and a file named my_file.txt) using a domain administrator\r\naccount called jayj in a domain called domain.contoso.com:\r\nrunas /user:jayj@domain.contoso.com \"notepad my_file.txt\"\r\nWhen prompted, type the domain administrator account password.\r\nThe following command starts an instance of a command prompt window, saved MMC console, Control Panel\r\nitem, or program that will administer a server in another forest:\r\nrunas /netonly /user:\u003cDomain\u003e\\\u003cUser_Name\u003e \"\u003cCommand\u003e\"\r\n\u003cDomain\u003e\\\u003cUser_Name\u003e must be a user with sufficient permissions to administer the server. When prompted,\r\ntype the account password.\r\nCommand-Line Syntax Key\r\nSource: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771525(v=ws.11)\r\nhttps://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771525(v=ws.11)\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771525(v=ws.11)"
	],
	"report_names": [
		"cc771525(v=ws.11)"
	],
	"threat_actors": [],
	"ts_created_at": 1775434703,
	"ts_updated_at": 1775791280,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/6ddbe090bfa28ecf8e6657f8ea15c1283069f683.pdf",
		"text": "https://archive.orkl.eu/6ddbe090bfa28ecf8e6657f8ea15c1283069f683.txt",
		"img": "https://archive.orkl.eu/6ddbe090bfa28ecf8e6657f8ea15c1283069f683.jpg"
	}
}