Windows Run as to let a legacy program run in XP limited user mode



Several months back I had to figure out a way to get Create a card gold (5.0?) run on an XP system. The only real problem was that I had setup the account with limited user privileges (shared machine, several users, all with limited account priviliges.) But, somehow the program didn’t work well without administrator priviliges. Giving the account full administrator priviliges all the time was not an option and try as I might, I couldn’t find the right program directory to give expanded permissions that would solve the issue.


Now, YES there are newer versions of creat-a-card gold, but none seem well reviewed. In fact, some of the reviews I’ve seen are along the lines of “stick with version 5”. So, that wasn’t a great choice either. Finally, I created another user that I gave administrator priviliges to. Then used the “run as” function to run that program as this “new” more priviliged user. I gave the user the same password as the limited user account so that she would only have to type in her password again when the program ran.

Now, I’ll admit, it isn’t pretty (the password prompt is a big black command window.) But, it works. I essentially made a batch script (command script) that’s on the desktop that has one line….

runas /user:priviliged “c:\program files\path\to\create-a-card-gold.exe”

The big black window pops up asking for the password and then things work as normal after that.

YES, this could introduce vulnerabilities. A user could modify the script to “runas” that user for another program, or use that program to save files in an area that they aren’t normally allowed to. This can compromise a tight setup. That much said, in this situation it was a compromise for a legacy application that could be made without giving an “all the time” administrator login.

There was another problem though – how to keep that new user from showing up in the login screen?

   Send article as PDF   

Similar Posts