Upload
nilesh-padwal
View
221
Download
0
Embed Size (px)
Citation preview
8/7/2019 Encrypted_Runas_001
1/18
Encrypted Runas
DTII / Ch. BernerDate 21.11.2007
8/7/2019 Encrypted_Runas_001
2/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 2/ 18
Contents
1. Encrypted Runas Shortcut............................................................................................................ 3
1.1. Create an Application Account...................................................................................................... 31.2. Installation of Encrypted Runas Tool .......................................................................................... 10
1.3. Register Encrypted Runas.......................................................................................................... 13
1.4. Create a Encrypted Runas Icon.................................................................................................. 15
8/7/2019 Encrypted_Runas_001
3/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 3/ 18
1. Encrypted Runas Shortcut
Working in a corporate establishment it soon becomes apparent that some software will not run
without adding the domain user to the local Administrator account, this is not an ideal situation.
Encrypted RunAs Shortcuts allows only the required rights to be given to the program to run andnot the whole computer.
Microsoft provides a command line utility called runas, this command allows programs to be runwith other user credentials. The problem with Microsoft runas is that the password needs to betyped each time it is run, therefore it is not ideal for scripting or use in a corporate environment.
Encrypted RunAs gets round this problem by creating encrypted shortcuts to programs that needs
to be run with different user credentials, so the password does not need to be given to the user.ERunAs uses >128 bit encryption for the shortcuts, the password is encrypted twice usinginformation located on the computer/domain.
1.1. Create an Application Account
Create a new Account in the OU U_Admin of your Site
8/7/2019 Encrypted_Runas_001
4/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 4/ 18
This is just an example. Depending from the Site and Application Name, the account logon name willbe different. If possible create an Account for each Application, which will be launched by the
Encrypted Runas tool. The same account can be used for all users, which use the same application.
First Name: EncryptedRunasLast Name: enter the name of the Application
8/7/2019 Encrypted_Runas_001
5/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 5/ 18
User Logon Name: erwiApplNameName Convention for the User Logon Name:[er= Encrypted Runas Account ][wi= Site Code][ ApplName= Application Name]
Example for the Logon Name:
erndtypogragh Encrypted Runas, New Delhi, Application Typograph
erinaccountplus Encrypted Runas, Ingolstadt, Application Account Plus
Enter the passwordEnable Password never expired
8/7/2019 Encrypted_Runas_001
6/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 6/ 18
Rename the account from EncryptedRunas ApplicationName to erwiapplname EncryptedRunasApplicationName
Open the Properties of this account
8/7/2019 Encrypted_Runas_001
7/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 7/ 18
Enter the description for this account
8/7/2019 Encrypted_Runas_001
8/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 8/ 18
Make this Account member of the Client Administrator group
8/7/2019 Encrypted_Runas_001
9/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 9/ 18
Account is now ready for use
8/7/2019 Encrypted_Runas_001
10/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 10/ 18
1.2. Installation of Encrypted Runas Tool
Launch the install program
8/7/2019 Encrypted_Runas_001
11/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 11/ 18
8/7/2019 Encrypted_Runas_001
12/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 12/ 18
8/7/2019 Encrypted_Runas_001
13/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 13/ 18
1.3. Register Encrypted Runas
8/7/2019 Encrypted_Runas_001
14/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 14/ 18
The License information is listed in the file License.txt
Select All Users
8/7/2019 Encrypted_Runas_001
15/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 15/ 18
1.4. Create a Encrypted Runas Icon
Logon with the normal user account to the computer
Start Encrypted Runas
8/7/2019 Encrypted_Runas_001
16/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 16/ 18
8/7/2019 Encrypted_Runas_001
17/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Encrypted_Runas_001.doc 17/ 18
Enter the Encrypted Runas accountEnable Account Type Domain
Enter the command line for the Application ( can be find with browsing )
Click on Test CommandClick on Save .eras File
Selct the needed options
Click on Save
8/7/2019 Encrypted_Runas_001
18/18
Ch. Berner Encrypted Runas 04.12.2007DTII Version 001
Now a shortcut should be created on the desktop.
Shortcut properties
Finish