Sign in to follow this  
Followers 0
Fredricz

Runas - Profile/no profile?

5 posts in this topic

Hello,
I've got a question about RunAs. What's the difference between:
 $RUN_LOGON_NOPROFILE (0) - Interactive logon with no profile.
 $RUN_LOGON_PROFILE (1) - Interactive logon with profile.

I've got a problem with some corrupt admin profiles (only local accounts, got no domain), so RunAs doesnt work. So my guess is, 1 = I can reach HKCU from the admin account? 
My problem is that RunAs fails when it tried to run on the corrupt admin profile: RunAs("admin", "", "mypassword123", 1, "C:\temp\admin-clean.exe", "", @SW_HIDE)

But it works with RunAs("admin", "", "mypassword123", 0, "C:\temp\admin-clean.exe", "", @SW_HIDE) ... so what's the downside? 

 

I know that I can solve the problem by puttin 'if @error' after but I cant repair the admin account without having an admin account x) 

Ty for help! 

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

Is the built in admin account the one that is corrupt?  What I would suggest is booting into the Windows recovery environment (Hold shift while selecting restart on your computer), go to troubleshoot, and select the command prompt from the menu.  Then run "net user administrator /active:yes", which will activate the built in administrator.  This account is always disabled by default, unless you installed your operating system using Microsoft deployment toolkit.  Be careful doing this though.  There are many ways that using this method can make things worse.  Take a look here:

https://technet.microsoft.com/en-us/library/cc766343(v=ws.10).aspx

Edited by MattHiggs

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Thanks... But I know how to solve the problem. Just want to know what's the difference between  $RUN_LOGON_NOPROFILE (0)  and  $RUN_LOGON_PROFILE (1) . Is $RUN_LOGON_NOPROFILE (0) running as system? RunAs failes when the profile is corrupted and when I'm using $RUN_LOGON_PROFILE (1) , because it uses the corrupt profile. 

 

What's the difference between:
1.  RunAs("admin", "", "mypassword123", 0, "cmd.exe")

2.  RunAs("admin", "", "mypassword123", 1, "cmd.exe")

 

One is using the profile and the other one doesnt use the profile. But what does that mean? That I cant use HKCU on the admin account? That it runs as system? What's the downside to not use the profile in RunAs? 

Edited by Fredricz

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

According to the very general MS TechNet article about Runas (which I'm pretty sure AutoIt is employing in an equivalent/API manner) no profile, "Specifies that the user's profile is not to be loaded. This allows the application to load more quickly, but it can also cause a malfunction in some applications." 

So assume anything that has to do with the profile being loaded won't work (i.e. HKCU as you mentioned, user environment variables and more that I'm not aware of I'm sure); there's your downside I guess (profile dependencies).
 

If a process or script run properly with no profile loaded than there is no downside...right?

Edited by spudw2k

Share this post


Link to post
Share on other sites
16 hours ago, spudw2k said:

According to the very general MS TechNet article about Runas (which I'm pretty sure AutoIt is employing in an equivalent/API manner) no profile, "Specifies that the user's profile is not to be loaded. This allows the application to load more quickly, but it can also cause a malfunction in some applications." 

So assume anything that has to do with the profile being loaded won't work (i.e. HKCU as you mentioned, user environment variables and more that I'm not aware of I'm sure); there's your downside I guess (profile dependencies).
 

If a process or script run properly with no profile loaded than there is no downside...right?

Haha exactly. Perfect, I will try with no profile and see how it works. Thanks for you answer, it seems that no one really knows exactly how it works. But I'm still happy with your answer, thanks !

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0