A few days ago I came across a software application that just wouldn’t execute correctly without the user being an administrator on the computer. Since all of my users run as basic / limited users they were unable to use program. After contacting the vendor and looking for all type of rights that we could grant the user so the could execute the program properly we were unable to fix it without making the user an administrator. So rather than making them an administrator or giving them the administrator password I made a little application that calls the other application as a run as but has the administrator credentials complied in. I realize that you can probably decompile the application and get the password, but for many users that is too much work, or they lack the expertise, so I view this as a small security issue. To further protect the account I made one that only exists on that computer. Below is the code that you can use to build a similar application it is only a few lines but it can solve a headache and keep a password relatively secure.
This is a VB.NET application
This application will produce an error if it is unable to login as that account or if the target program cannot be found.
Public Class Form1 Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load Dim DomainName As String Dim UserName As String Dim Password As String Dim SysPassword As System.Security.SecureString = New System.Security.SecureString() DomainName = System.Environment.GetEnvironmentVariable("ComputerName") UserName = "administrator" Password = "supersecretpassword" For Each c As Char In Password SysPassword.AppendChar(c) Next SysPassword.MakeReadOnly() Try System.Diagnostics.Process.Start("notepad.exe", UserName, SysPassword, DomainName) Catch ex As Exception MsgBox(ex.Message) End Try Me.Close() End Sub End Class