Running as SYSTEM

Scripts/Actions are often run in the SYSTEM context when making changes to a client, but a SYSTEM account occasionally does not act like a user account (even a user with administrative rights).

For the purposes of development and testing it is often useful to run in the SYSTEM context (for example checking whether a command will work), this is where a very useful tool called PSEXEC by SysInternals (now owned by Microsoft) comes in.

The tool is actually capable of many more actions but in order to run as a system account use the following command:

psexec -i -s <command>

e.g. to launch cmd.exe

psexec -i -s cmd.exe

RunAsSystem_psexec_19112015.jpg

As you can see from the image above cmd.exe was called using psexec.

The whoami command is then invoked to show which user account that instance of cmd.exe is being run as (in this case the local SYSTEM account).

The tool can be downloaded from here

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s