Details and differences
RunAsRob command line arguments, registry values, Group Policy options and the differences to RunAsSpc
Comparison table RunAsRob, RunAsAdmin, RunAsService and RunAsSpc:
|
RunAsRob |
RunAsAdmin
a part of RunAsRob |
RunAsService
a part of RunasRob |
RunAsSpc
the classic tool |
Genererally |
Contains RunAsAdmin, RunAsService and
can control allowed applications by an encrypted file, which can send anyone to use it.
|
Allowed application controlled by registry settings.
Need no encrypted file.
Several applications can be configure at one go.
Support of wildcard *
Compatible with group policy.
|
The application is running as service automatic after you turn on the computer and before any user is logged in.
Interaction between user and program isn't possible. |
Allowed applications and credentials controlled by an encrypted file or clear text.
|
Logon as |
. |
. |
. |
. |
another user |
Run application under user account from encrypted file. This can be an administrator or any other user account.
Requires no installation procedure.
|
Not possible
|
Not possible
|
Possible
|
system |
Run application under system account with highest privileges and without the popup of an UAC dialog.
Suitable for installations, updates and patches.
Disadvantage: A service is not a complete account. Its missing a user profile and an own HKU registry path.
|
Possible |
The only possible login option. Not editable |
Not possible |
administrator |
Launch application with administrator permissions under the own fully account of the limited user with his own profile and enviroment.
Suitable for running programs who need user properties like office. |
Possible |
Not possible |
Not possible |
netonly |
Application use logon credentials from encrypted file for remote connections. |
Not possible |
Not possible |
Possible |
Command line arguments of RunasRob:
- Installation commands
>> runasrob.exe /install <<
>> runasrob.exe /uninstall <<
- To create an encrypted file.
Open the configuration window of RunAsRob for encrypted files by double click to runasrob.exe or call it with option /configure
>> runasrob.exe /configure <<
- To run a encrypted file over runasrob.exe use the option /cryptfile
>> runasrob.exe /cryptfile: “c:\path\yourcryptfile.xus”<<
or drag and drop the encrypted file over runasrob.exe.
- For a call without status messages use the switch /quiet
>> runasrob.exe /install /quiet <<
>> runasrob.exe /cryptfile: “c:\path\yourcryptfile.xus”
/quiet <<
- To set folders, its applications can be launch with
administrator rights or allow only a specific application.
Install runasrob with option /allowedpath, followed by the
allowed folders or applications. Semicolon separated to allow
more than one folder or application.
>> runasrob.exe /install /allowedpath:c:\program
files\folder1\;\\server\share\folder2\;c:\windows\system32\regedt32.exe
<<
- To run applications from this allowed folder
drag and drop the application.exe over runasrob.exe
or use the following call >> runasrob.exe
c:\allowedFolder\applicaton.exe <<
This can be done by command line, batch file, shortcut or any
other way.
- An advanced optional switch are /assystem or /asadmin.
/assystem -> The allowed application is running under
service account with elevated admin rights.
/asadmin -> After the user enter his credentials he
will be member of the local administrator group for this
application which is running under his own account.
>> runasrob.exe /install /allowedpath:"\\server\share1\setup.exe;\\server\share2\;C:\windows\system32\regedt32.exe /asadmin;C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe /assystem"
<<
- To configure an application or script to start it permanently
as service use the option /servicemode: followed by the
application
>> runasrob.exe /install
/servicemode:c:\test\yourScript.cmd <<
- You can combine the arguments of RunasRob like the following
example
>> runasrob.exe /install /quiet /servicemode:"c:\system\monitoring.exe" /allowedpath:"\\server\share\folder2\;c:\windows\system32\regedt32.exe /asadmin" <<
- Create encrypted files by command line are possible with
RunAsSpc.exe. This files are also readable with RunAsRob.exe
runasspc.exe /cryptfile:"crypt.spc"
/program:"C:\WINDOWS\system32\calc.exe" /domain:"localhost"
/user:"administrator" /password:"password"
Registry values and Group Policy options:
Edit the Registry Key of RunAsRob:
HKEY_LOCAL_MACHINE\SOFTWARE\RunasRob
Here you configure the values AllowedPath, ServiceMode, LogonFlag
directly or over central group policy in a domain.
Changes will take effect after restart of service RunasRob
Warning, serious problems might occur if you change the registry
incorrectly.

By Group Policy in a domain you can manage this settings central.
runasadminen.html#Bygrouppolicy > > >
FAQ:
-
Running on Windows 10 Professional and Home, Windows Server 2019.
-
64 Bit and 32 Bit Version included.
-
The restriction of the free version for private use is the
start-up window with the license information,
which appears at random intervals, even if you set the switch /quiet.
-
Environment variables can use like >> %windir%\system32\regedt32.exe\CompMgmtLauncher.exe <<
-
Wildcards can set as authorized path. Example: >> *\updates\flashplayerversion*.exe <<.
-
Authorize only a specific user or group to run a an application.
This can be achieved over folder permissions to the program file, encrypted file or the folder.
-
Program arguments are working. If passing arguments are not working, because quotation marks or complex arguments are not accepted in RunasRob.
Workaround of this problem is a one line batch file with your complete applicaton call include all arguments.
Run this one line batch file over RunasRob.
-
Errors Codes.
Most errors are system errors which are returned from runasrob to user.
This system error codes are explained by Microsoft on
https://msdn.microsoft.com/en-us/library/ms681381.aspx
Contact:
For any suggestions, errors, questions, specific requirements or adjustments please contact:
runas@robotronic.de
Licence:
RunasRob is only free for private use.
For companies and other organisations we deliver a licensed version, registered to the organisation name.
Order RunasRob >>>
Download RunasRob >>>
Date: 2019-10-13
Data protection
Imprint