Like Serge Bedard in the Reader to Reader article "Access Remote Files with iexplore.exe"
(June 2007, InstantDoc ID 95445), I also use a standard account for logging onto
my workstation and a high-privilege account for performing network-related tasks
in various Microsoft Management Consoles (MMCs). Constantly using the
Run As command to open the MMCs with the high-privilege account proved to
be tedious and time-consuming. To reduce the amount of time spent entering alternative
credentials, I wrote a series of batch files for the following consoles:
- Active Directory Users & Computers (adusers.msc), which is a customized
console for the MMC Active Directory Users and Computers snap-in that has
all our domains loading in one pane
- MMC ADSI Edit (adsiedit.msc)
- MMC Computer Management (compmgmt.msc)
- DHCP (dhcp.msc), which is a customized console for the MMC DHCP snap-in
that has all our DHCP servers loading in one pane.
- DNS (dns.msc), which is a customized console for the MMC DNS snap-in that
has all our DNS servers loading in one pane.
- Group Policy Object Editor (gpedit .msc)
The batch files are pretty simple. They typically look like the batch file
in Listing 1, which opens the Active Directory
Users & Computers console. When the batch file executes, all you need to
do is provide the password for your privileged account. The console then opens
and loads the appropriate snap-in.
The batch file to open the Computer Management console is slightly different.
As Listing 2 shows, this batch file first
prompts you for a server name, then prompts you for the privileged account password.
If both are correct, the Computer Management console opens with that computer
name already loaded.
To make it easy to execute the batch files, I placed them on a network share,
along with the console files they're linked to. I then created shortcuts to
the batch files on my Quick Launch bar. So, to run an MMC, all I need to do
is click the appropriate shortcut and enter the password (or server name and
password).
The batch files turned out to be so convenient that I wrote a set of them for
each member of our IT team. These batch files not only save our team a ton of
time but also help us comply with the company's administrative security policies.
—Joel Hluszko, Senior Network Administrator, Kingsway Financial Services