SSMS Run As issues
I'm trying to use the SSMS entry to automatically open SSMS with the RUNAS command authenticate against a domain user, different than the domain of the current computer, so yes, I do have the "Net Only" flag checked. I have an existing connection where this works just fine against one domain. However, for this other domain, I am having issues.
I decided to go ahead and test directly in CMD prompt and ran the following example command:
%systemroot%\system32\runas.exe /netonly /user:"DOMAIN\USER" "\"C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\Ssms.exe\" -E -S DBSERVER"
When I run this, I receive the following error: 1348: The validation information class requested was invalid.
If I instead run the command like this:
%systemroot%\system32\runas.exe /netonly /user:"USER@DOMAIN.com" "\"C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\Ssms.exe\" -E -S DBSERVER"
It works just fine, albeit quite slowly. Notice that the difference is how I specify the user & domain format. So I think RDM is trying to run it the first way. I tried various ways to get to execute as the second way, but have been unsuccessful so far. Under the connection properties, I did find the Advanced - Misc section which had the "Username format" dropdown, but still couldn't get it to work. It's actually not even prompting with any program or error message at all, just doesn't even start the connection.
1) Is there a better way to do this without resorting to putting together my own CMD line entry.
2) Is there a log somewhere I can see how RDM is putting together these RUNAS commands so that I can evaluate.
All Comments (9)
We will need to double check to see if the "Username format" option is being set/sent properly to the run-as when we start the SSMS.
Stéfane Lavergne
Hello,
Thanks for your patience.
After a few tests, we figured that there is indeed something to be improved with the way we're passing the credentials to that type of session.
As a workaround, you can set the username with the format "user@domain" in the username field, and leave the domain field empty.
I had it working with either "Custom" or "Linked (Vault)" as long as the domain remained empty...
I'll open a ticket to the engineering to improve this behavior.
I hope this helps.
Have a nice one.
Best regards,
Alex Belisle
I'm pretty sure I tested that, and it didn't work, but I will give it another shot.
Also, could you confirm if there is a log that I can see where or how thes types of commands are generated? I usually check Task Manager and look at the detail pane to see how RDM starts a process, however since RUNAS is a temporary call, it doesn't stay open long enough for me to evaluate.
Hello,
Sure, and also, please provide us with your RDM Version and data source type when you get back.
Thanks!
Best regards,
Alex Belisle
We are a little out-of-date and plan on upgrading soon:
RDM 2019.2.22.0
Datasource: Self-hosted MS SQL Server
Hello!
Using 2019.2.24, I could make it work the way I described.
Unfortunately, since RDM is performing an API call, there is not much logs we can access.
Again, we have a ticket opened for the engineering to pass the credentials the proper way for the API call.
I could not see if you gave it a try, I'm still curious as if it worked or not...
Thanks!
Best regards,
Alex Belisle
Yup, not working. Nothing opens up, indicating that the RUNAS command is throwing an error. I tried using Embedded Creds with "Run As Different User" set to "Current Session", and also tried setting Run As with custom creds, but neither worked.
Hello!
Would you please try with the latest version of RDM (https://remotedesktopmanager.com/home/download)
I recommend using the portable version, and make sure you connect to your production database (so you don't update it therefore forcing your coworkers to upgrade as well...)
Make sure you have the "overrife.cfg" file confgured as described here : https://help.remotedesktopmanager.com/installation_portableusb.html,
Thanks for keeping us posted!
Best regards,
Alex Belisle