功能

Before i developed runasspc. I looked for a version of runas with the following criteria.

• The user does not have to enter a password, like runas.
• Only the applications allowed by me, could be started by the user.
• The tool must not be bypassed by simple Renaming the application or saving of Identification (runas/savecred)
• The saved credentials should not be used to run any other application like runas /savecred.
• It should be simple to handle.

Runasspc starts programs under another user account than the logged-in user.
The application and the account information will be read from a secured crypt file, which built on command line with runasspc or the administrator interface runasspcadmin.
Each encrypted file receives his own password on runtime, created by the file itself, like a finger mark.
Before runasspc start the authorized application, the application will be checked on bit level (only exe and batch files).
Runasspc does not require an installation procedure. You only need to copy runasspc and a cryptfile on a computer to start it directly.
Runasspc can also be run without using a cyptfile. You can call runasspc with password in cleartext on commandline. It can be useful for scripts and tests.

應用

• Security patches, software updates, programs and each other software-package can be installed by the user themselves without having administrator privileges.Runasspc will start the application with other credentials than the logged-on user. The login information for the application like username and password are read from an encrypted file.An administrator can specify, e.g. by central encrypt files, which applications have to start with admin rights.RunasSpc is compatible with the most file endings likeexe,msi,bat,cmd,wsh,vbs, msc...No installation procedure for RunasSpc.
• Many users are working under administrator account, because some programs are missing administrator rights to run correctly. With runasspc a standard user has not  to login as administrator to run this applications.
• Surfing the Internet as an administrator makes the system vulnerable to malware, spyware, viruses and other security risks. Surf with a limited rights account, the amount of risk decreases dramatically.Start your Browser under this limited account with Runasor RunasSpc, if you do not want to enter the password every time.
• You want to instruct someone to configure a computer, but you cannot give him the administrator account information because you use it also on other systems?With runasspc and an encrypted file crypt.spc which starts the computer console (compmgmt.msc) or a filemanager (like wincommander) based on administrator account you can give him full access to this computer.

RunasRob 給予受限用戶針對特定應用程式，一個用戶帳號管理員的權限

RunasRob伴隨管理員路徑(AdminPath)是RunasSpc的進一步發展
你可以使用管理員權限在有限的用戶帳號下來運行特定程式與其他選項:
 

• 繞過允許應用程式的 UAC dialog
• 運行應用程式的服務
• 根據自己的受限用戶帳戶以管理員身分來運行程式
• 來自配置於RunasRob AdminPath的特定路徑中的受限使用者，可以管理員權限運行程式
  鑑別被控制在一個註冊表項以及NTFS文件夾權限下，而非在一個加密檔案，
  此選項提供一個靈活方式，允許一組用戶和/或電腦以來自特定目錄中的管理員權限運行程式

系統需求

Windows XP, Server 2003, Server 2008, Windows 7, Windows 8

RunasRob with an encrypted file.
Start configure.cmd to view the RunasRob configuration window with following input fields to create an encrypted file.

Path / application.exe
This field shows the path of the application in the encrypted file which can run over Runas Rob. Here you can change, select or enter the full path of your application

Authentication
Credentials of the administrator who is written in the encrypted file to start the application over this authentication.

Crypt file
Path of the encrypted file that saved the information from this configuration window
With the crypt file buttons you can open, save or test an open encrypted file.
You must save your changes over the >> save crypt file << button before you can test it.

Program options:
On this field you can input arguments or options your application require.

Start in
Directory where your application should executed.

Logon as

• another user >> application run under the authentication in the encrypted file
• netonly >>  application use logon credentials only for remote connections.
• service* >> application start with system rights and elevated privilegs under the local system account and bypass the UAC Dialog.
• administrator* >> current logged on user can be temporary logon as a member of the local administrators for this application. It can be useful to make settings in the own user registry path HKCU. In this option the user have to input his own credentials to launch the application as a member of the local administrator s group.

* The last two options require an installation of the service from RunasRob. You can do this over the Install Button
or a call of RunasRob with option /install like >> runasrob.exe /install <<

Program window
Make it visible to show the application for interacting with the user.
Set the option hide to launch the application in backround.