RUNNAS 1.14

Allows a user to run specific tools and programs with different permissions
than the user's current logon provides.

Note: This version of runnas is not guaranteed to be compatible with the
previous version. Please re-tokenize your files for added security.


SYNTAX:

runnas /user:<username> command [/password:<password>] [/noprofile]
       [/profile] [/env] [/netonly] [/logononly] [/wait] [/return]
       [/title:<title>] [/tokenize:<tokenfile>] [/crc] [/allowargs]
       [/<token>:<value>]

runnas tokenfile [/<token>:<value>] [/args:<arguments>] [/delete]


PARAMETERS:

    /user       <username> should be in form USER or DOMAIN\USER.
    command     Command line to run.  See below for examples
    /password   The clear-text password for the user account. If not
                specified, you will be prompted for the password.
    /noprofile  Specifies that the user's profile should not be loaded.
                This causes the application to load more quickly, but
                can cause some applications to malfunction.
    /profile    Specifies that the user's profile should be loaded.
                This is the default.
    /env        To use current environment instead of the user's
    /netonly    Use if the credentials specified are for remote
                access only.
    /logononly  Use if command is to be run during interactive logon only.
    /wait       Wait for the program to finish.
    /return     Return errorlevel of program. Use with /wait.
    /title      For console processes, this is the title displayed in the
                title bar if a new console window is created.
    /tokenize   Tokenize command line into <tokenfile>.
    /crc        Calculate CRC (Cyclic Redundancy Check) of command
                line executable and save it to <tokenfile>.
    /allowargs  Allow passing additional arguments to <tokenfile>.
    tokenfile   The name of a tokenized command line file.
    /<token>    Replace command line <token> with <value>.
    /args       Additional <arguments>. Valid only if tokenfile was
                created with /allowargs switch.
    /delete     Delete tokenfile when done.


NOTE:  Enter user's password when prompted.
NOTE:  USER\DOMAIN is not compatible with /netonly.
NOTE:  /profile is not compatible with /netonly.
NOTE:  Most parameters can be shortened to 3 characters.


EXAMPLES:

> runnas /user:admin mmc
> runnas /user:admin "cmd /c dir c:\ & pause" /password:xxx

Create and execute a tokenfile:

> runnas /user:admin notepad.exe /password:xxx /tokenize:notepad.tok
> runnas notepad.tok

Pass quotes inside a quoted string (using \" metachar):

> runnas /user:admin "\"c:\program files\my app\app.exe\"" /pass:xxx

Pass arguments to a tokenfile:

> runnas /user:admin "notepad.exe" /pass:xxx /tok:notepad.tok /allowargs
> runnas notepad.tok /args:"file.txt"

Replace tokens in a tokenfile:

> runnas /user:admin "notepad.exe <p1>.<p2>" /pas:xxx /tok:notepad.tok
> runnas notepad.tok /p1:myfile /p2:txt
