Problem: User is restricted access to certain files and folders on the system, or need elevated permissions to run an application or modify the registry, when the Administrator Account, with Admin Permissions, is not enough and assigning added permissions via the ACL is not allowed.
Solution: You need to run the app, edit the registry or access the file or folder with the System Account, with System Permissions. There are many ways do this, however, I find that the fastest and best way is to run Explorer.exe with the System Account. Then anything you run from Explorer (any apps you start, any files or folders you access including the registry) will run with Elevated System Permissions. You can now do/change anything on your System, should the need arise. Caution- make sure you know what your doing when running as the System Account.
Process: Download Sysrun.zip Site, or Search Google. Note: This application requires Administrator Account Permissions and Privileges.
Extract/install Sysrun.exe, place anywhere you like, no installation required. Run- browse to your System32 directory, ie. %systemroot%\System32, where %systemroot% is your system Folder (WNNT or WINDOWS) on your system partition (usually C:\). From that folder, run taskmgr.exe. Press Run on the Sysrun app- Task Manger will now open.
Go to the Process tab- notice that the Task Manager is running from the System Account. Right-click explorer.exe in the Image Name part, click End Process, ok. Now go to the Applications tab in Task Manger, click New Task, type in explorer.exe. The Explorer window should show with a different desktop and Profile- you are now running as the System Account. Don't worry, your desktop files are still there and your applications are still running.
You can now access any file/folder and app/registry with full Permissions granted to all files. To revert back to your Profile automatically (Administrator Account), simply start Task Manager via. Ctl + Alt + Del (note- don't right-click on the taskbar: Task Manager, as this will run app as System), terminate explorer.exe as mentioned above, click on the Applications tab- New Task- explorer.exe. You now have your Administrator Desktop back (albeit, with fewer privileges...).
The System Profile you were just logged onto is located here:
%systemroot%\System32\config\systemprofile.
Alternativly: You can also run any app or file and edit the registry with System Privileges without any 3rd Party apps using an Administrator Account. Say you are using an Administrator Account and you want to change any configuration information on your system, or access any application that you do not have permissions to access (ie. some HKLM- System- Enum Keys), instead of assigning Permissions via the ACL, you could do the following:
Open a Command Window, type 'AT' which is the Task Scheduler Service (note- the Task Scheduler Service must be running) then type in the Time in the HH:MM format (see System Tray for the time), leaving a few minutes to spare, so if its 17.03, type: AT 17:05, add the '/i' switch followed by the Application you want to run with System Privileges eg. Cmd.exe. Here is the full command:
AT HH:MM /i "cmd.exe"
The Command Prompt should appear at the time you entered with the AT command. The Command Window is running with System Privileges, you can now run any apps in your Path variable and browse via the Cmd window to files and apps. One step further is to enter this command:
TASKKILL /F /IM "explorer.exe"
This terminates the Windows Explorer Process along with your desktop (apps still running). Now enter:
explorer.exe
Enter this command from the Command Window opened by the Scheduler Service AT command, this will start explorer.exe as a System Profile process. You will now be running as the System Account, with a different Desktop and User Settings. The System Account Priveleges is the highest control you can have over your system. To revert back to your Account, press Crtl + ALT + DEL to bring up the Task Manager which will run from your Account, terminate Explorer.exe and restart Explorer.exe.
All this can only be done from an Administrator User Account or an Account with Administrative Privileges ONLY ie. NOT from a Power User or Limited User Account. Use the 'Run-As' Feature to run Sysrun or a Cmd Window as an Admin User first. Caution is advised, only use this command for ethical reasons and NOT to browse other User Profiles or damage the system intentionally.
Hope this has helped anyone out there, or is interesting to Techies anyway. Note: Please respect any Licences contained within any of the downloads in this post. The Sysrun.exe is the copyrighted material of the respective owner and author.(c) [mercnet]
Image: Shows Task Manager and Explorer running withthe System Account with System Permissions.
Posts
No comments:
Post a Comment