tags:

views:

721

answers:

5
+5  Q: 

How can I create a new process with another User Account on Windows?

Is it possible to create a new process on windows with a different user account? I know there are a context menu "Run as" but I want do it from Java. I have the username and the password.

+2  A: 

There is a program called "runas.exe." You could run that process and supply the appropriate arguments for your process and username/password. I think that's the simplest method.

BobbyShaftoe  2008-12-12 08:22:54
Nice idea but this not work, because you can't pass the password to runas.exe. The password must be enter by the user. If you redirect the process input then runas terminate with an error.
Horcrux7  2008-12-15 13:42:48
+4  A: 

You need to write a DLL using the Java Native Interface (JNI) as you cannot do this with pure Java code.

The DLL itself needs to call the CreateProcessAsUser function to create a process in the context of another user. To successfully create that process you need to provide an access token to the function, which was itself created by calling the LogonUser function (it takes the username and password to authentify that other user).

Bananeweizen  2008-12-12 08:54:02
A: 

RUNAS has the "/savecred" switch that let you enter the credential only the first time. One potential problem is that when /SaveCred saves the credentials it saves it for whenever RUNAS invokes that user account. This can be a huge security risk so be careful using it!

Example at http://www.rgagnon.com/javadetails/java-0014.html (at the end)

RealHowTo  2008-12-20 21:41:34
A: 

Depending on your needs the Win32 API "CreateProcessWithLogonW" is easier to use than the "CreateProcessAsUser / LogonUser" functions.

From MSDN Docs:

The CreateProcessWithLogonW and CreateProcessWithTokenW functions are
similar to the CreateProcessAsUser function, except that the caller 
does not need to call the LogonUser function to authenticate the user 
and get a token
 2008-12-20 22:54:09
+1  A: 

I just ran across an alternative to the runas.exe program called MiniRunAs which will take the password on the command line - http://www.source-code.biz/snippets/c/1.htm

If you are able to install it along with your application, that may prove simpler than writing a JNI DLL.

Matt Sheppard  2010-02-22 05:12:34

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)