Blog Runas Savecred
Use runas in command line, in a batch file or a shortcut with the program.exe you want to run as administrator.
In example my program.exe is >> cmd.exe << and my administrator account is my local administrator account >> localadmin <<.
My command is
runas /user:localadmin cmd.exe
After execute this runas command, you will be asked to enter the password of the administrator account.
You cannot pass the password to runas command as argument,
but with the parameter savecred you can store this password in credential manager, to avoid entering the password on each call.
Now you will be asked to the password only once, but the next calls with savecred parameter you don't have to enter this password to run this application as administrator.
This savecred parameter is not recommended, because username and password are stored in the windows credential manager of this profile and
can used to execute every program with credentials of the administrator from the standard user account.
Better storing the credentials for each program separate, instead of using runas savecred.
You find examples below.
1. You can do this by a start file for the according application with encrypted login information of an administrator account.
2. use a credential manager on local machine, you can grant an application to run with administrator rights.
Unfortunately both is not possible with runas savecred, but the following easy program tools do this job.
1. RunAsSpc store login information for each application in an encrypted file.
2. RunAsAdmin from RunAsRob has an own manager to control in the windows registry the application you can run with administrator privileges from a normal user account.
By RunAsRob you can authorize specific applications or complete folders and its contents you want to allow running with administrator privileges.
This is an easy way to distribute software, drivers, patches,... without to create an installation package for your clients.
You just have to copy the setup files in the specific allowed share,
and then the standard user on workstation can run this setup file, or other executables files you copy to this share.
The principle is very simple, clear to understand and easy to configure.
After drag the application and drop it onto runasrob.exe, RunAsRob compare this application and its path, if it is an allowed directory and start the application with appropriate rights.
It is only important, you don't give the user writing NTFS rights to an allowed directory, to avoid that he can put other executables in that folder.
By that way you have the control of software by simply copy or delete files in an authorized path.