Apr 22

Run Active Directory Management Tools as Another User

There’s quite a few situations where you may need to run Active Directory Management tools like Active Directory Users and Computers with different credentials. For example:

  • Computer is not joined to the domain
  • Need to connect to another domain/forest
  • Logged in as a standard domain user and need to supply different credentials
  • etc…

Step 1 – Install Remote Server Administration Tools (RSAT)

If you are using a 2008 or 2012 WIndows member server, RSAT is a feature you must enable using the directions below:

RSAT Server 2008 or 2012

If you’re using Windows Vista, WIndows 7, Windows 8, or Windows 10 you must download, install, and enable the RSAT feature.  Here are the links to download RSAT:

RSAT Vista SP1

RSAT Windows 7 SP1

RSAT Windows 8

RSAT Windows 8.1

RSAT Windows 10 (By default all features are enabled)

Once you’ve installed RSAT you need to enable the feature (Except Windows 10).  Open Control Panel, click Programs and Features, and click Turn Windows features on or off.  Then enable the following:

Windows Features Enable RSAT

Step 2 – Make Sure You’re on the Domain Network

Make sure you’re on the same network as the Domain Controller.  This simply means, connect to the LAN they’re on, or connect to a VPN if you’re remote.

Step 3 – Run As Commands for AD Management Tools

The key to running AD Management tools is the Runas command in Windows, which allows you to specify alternate credentials.  However, there are a few gotcha’s with runas such as needing to specify the /netonly command when on a non-domain computer.  Here are the commands you’ll need to run to successfully launch the AD Management tools, and all will work whether or not the computer is joined to a domain:

  • C:\Windows\System32\runas.exe – Default path to runas
  • /netonly – Credentials are specified for remote access, which is required for computers not joined to a domain but still works if the computer is on the domain
  • /user: – specify the username by the samaccountname(DOMAIN\user) or UPN(user@domain.local)
  • “mmc %SystemRoot%\system32\snapin.msc” – Microsoft Management Console with the path to the snapin.

 

 

Note: I’ve added an extra parameter to specify the PDC Emulator, otherwise you may receive the error “You cannot modify domain or trust information because a Primary Domain Controller (PDC) emulator cannot be contacted.”

 

Note: I’ve added an extra parameter to specify the domain, otherwise you may receive the error “Naming information cannot be located because: The specified domain either does not exist or could not be contacted.”

 

Note: I’ve added an extra parameter to specify the domain, otherwise you may receive the error “Naming information cannot be located because: The specified domain either does not exist or could not be contacted.”

Step 4 – Applying Run As Commands

Option 1: Run from an Elevated Command prompt

Right-click the command prompt (cmd.exe), select Run as Administrator, and enter one of the runas commands in the previous section.

CMD Runas RSAT

option 2: create shortcut and run as administrator

Right-click in the Windows file explorer, select New, click shortcut, for the location enter one of the runas commands from the previous section, click Next, name the shortcut appropriately, and click Finish.  Whenever you launch the shortcut, right-click it and select Run as Administrator.

Shortcut Runas RSAT

option 3: modify RSAT shortcuts

Under Administrative Tools on the start menu, right-click each RSAT shortcut, click Properties, and modify the target using the appropriate runas command from the previous section.  Whenever you launch the shortcut, right-click it and select Run as Administrator.

Modify RSAT Target