The RunAs Commands feature in VShell 3.5 and later allows users to remotely execute commands as a different user. This is useful for giving access to less privileged users to employ certain commands or scripts that require administrative privileges. The VShell administrator controls who can remotely execute a command, which commands they can execute, and what Windows user account context is used to execute the command locally on the VShell machine. Users connecting to the server can use an SSH2 client, such as SecureCRT® or VSH, to issue the remote command.
The following shows an example of the kind of remotely executed command that the RunAs capability allows you to configure for your users.
Configuration is accomplished from the RunAs Commands page in SSH2 section of the VShell Control Panel. This page lists all configured commands — the alias of the command, the actual path to the command, and the username under which the command will be run.
To add a new command, click on the Add button on the RunAs Commands page. This brings up the RunAs Command dialog. You then define the alias, path, arguments, and username/password for your command, and select the Windows user groups or users that are allowed to execute the command.
Here is a table of all the available RunAs command options:
|
Alias
|
The command the user connecting to VShell issues on the command
line.
|
|
Command Path
|
The actual path to the command or script (the path must be
valid for the RunAs user's environment).
|
|
Command arguments
|
Arguments to be included in the command line when
executing the command (these are the first arguments in the command
line; any arguments passed in the original remote execution request
are appended after these arguments).
|
|
Username
|
Username under which the command will be executed.
|
|
Password
|
Optional password for the RunAs user; if a password is not
specified, the user is subject to the same limitations that would
apply to users logging on using a public key.
|
|
User/Group
|
The users or groups allowed to run the configured command.
These users or groups need to be granted Remote Execution rights
from the Access Control page in the VShell Control
Panel.
|
Users that have been given access to the RunAs command are now able to remotely execute the alias name, which in turn runs the actual command as the configured RunAs user.
VanDyke Software uses cookies to give you the best online experience. Before continuing to use this site, please confirm that you agree to our use of cookies. Please see our Cookie Usage for details.
