I am attempting to launch a programing as another user by running the following from a DOS prompt:
runas /netonly /noprofile /user:domain_beta\crazy_adam "C:\Program Files\MyStuff\Foo.exe"
When I do this, I lock out my current context (the account I've logged into my machine as). Some additional points:
- The username part of the login (e.g., <domain_part>\<user_part>) is the same as my default context; so, assume I login to "domain_alpha" as "crazy_adam" and I'm attempting to start my executable as "domain_beta\crazy_adam".
- There is no trust between "domain_alpha" and "domain_beta", and creating a trust relationship between the two domains is not an option.
- If I attempt to run the command as a local (machine non-domain) user (with membership in the machine's Administrators group), I am able to connect without any issues.
The issue was quite precisely described in a post by Jason Folkens:
However, I didn't see a resolution to the problem he described in the thread.
I'm not looking for a resolution per se. I just want to understand what's happening.
As alpha domain has the same account, the credential will be forwarded to alpha PDC for authentication and the account will be locked out due to bad password.
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Thanks for the response.
I executed the test case from my initial note yesterday, and it launched the process without locking me out. Consequently, I was executing the test case solely to demonstrate the problem, which didn't occur. I'm not sure if the issue is intermittent or I missed some other factor.
I'll conduct additional analysis and update this thread.