RunAsLimitedUser is a nifty RunAs tool that is so easy to use even for lazy admins. You probably know that Windows comes with a built-in RunAs feature. So-called security experts usually recommend that as a sysop you should only start applications with Administrator privileges when it's necessary. The most secure way is to work with a normal user account, and start admin tools which need more rights, with an Administrator account. Well, I don't know any sys admin who really works this way. It is just too time consuming to logon every time you need more privileges. RunAsLimitedUser works the other way around.

Latest posts by Michael Pietroforte (see all)

RunAsLimitedUserYou logon with an Administrator account and start applications which don't need admin privileges from its icon's context menu. This just costs you an extra mouse click. Most tools a sysop starts every day, simply need admin rights. However, the few apps you use which also work with user rights are those with the biggest security threat; most prominently your favorite web browser or your e-mail program.

RunAsLimitedUser creates an user account with a random password during installation. The password is stored in the registry and encrypted with DAPI. This account does not belong in any user group, especially not in the admin group.

Subscribe to 4sysops newsletter!

You can also use this tool for testing user's applications. For example if you configure a master PC you usually will install applications using an administrator account. But your users probably have limited rights. With RunAsLimitedUser you can check if a newly installed program will also work in a user's environment.

0 Comments

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2021

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account