Configure and troubleshoot Secondary Logon service

23 July 2000 by Snakefoot | Comment » | Trackback Off
Secondary Logon can be hidden from the GUI, so one doesn't see the option "Run as different user" when starting a program with this DWORD value:

[HKEY_LOCAL_MACHINE \SOFTWARE \Microsoft \Windows \CurrentVersion \Policies \Explorer]
HideRunAsVerb = 1

More Info MS KB Q830568

Note with Win2k SP4 a new policy was created making it possible to configure what accounts(Default:Administrators and SYSTEM), which are allowed to impersonate other accounts:
  1. Open Control Panel and open Administrative Tools and double click Local Security Policy
  2. Expand Local Policies and click User Rights Assignment
  3. In the right pane double click Impersonate a client after authentication
  4. Press Add... to enable other users to impersonate other accounts
More Info MS KB Q821546

Note one can also run applications as another user from the command line using "RUNAS", though in Win2k it will prompt for password unless using Sanur, CPUA, LSrunas or Steel Run-As. WinXP Professional (Not Home) extends "RUNAS" with the /savecred option where one is only prompted for the password once. To see all options available:

runas /?

More Info MS KB Q294676
More Info MS KB Q893677

Note in WinNT4 one can use the Super User Service Starter SUSS.EXE and the tool SU.EXE (Found in the NT reskit):

SUSS.EXE -install

ECHO Password | SU.EXE Username UserMgr.exe

SU_USERNAME - Environment variable for default user name to SU.
SU_PASSWORD - Environment variable for password to SU. Avoids password prompting.
SU_DOMAIN - Environment variable for domain name referenced by SU.
SU_COMMANDLINE - Environment variable for command line run by SU.
SU_DESKTOP - Environment variable for windowstation and desktop targeted by SU.

More Info MS KB Q829640

Note another way of running an application as another user is to create a scheduled task where it is possible to specify username and password.

Updated: 2 October 2008

Leave a comment


NB! Use the Forum for computer help and off-topic questions.

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>