Agent Procedures - Execute User Command.

QUESTION

What does the "execute as user" command means and what it is used for? 

ANSWER

The Execute as user command means that the command will execute as the current logged in user. For example, if a local user named test01 is logged in and the cmd command "whoami" is run, it would return test01 as the user.

This command runs with user-based permissions, meaning that it depends entirely on the user access rights. It is recommended to use the "Use Credentials" command in the case of limited user rights. 

Execute as user command, would allow the user to run a program/command as any user, for example, a domain admin user or local admin user could be impersonated to run any command requiring admin credentials.

In case that an agent procedure needs admin access rights to be granted by the user, the VSA will hide the popup window asking for it, so this command will grant those rights by default, avoiding the procedure to stall and fail.

On the other hand, if the machine is on, but no user is logged in, the command will run as nt authority\system allowing the procedure to run successfully.

In order to test these observations, the user can use the cmd command whoami in conjunction with the executeshellcommandtovariable and writeprocedurelogentry commands.

 

 

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Contact us