Companies out there, should not have their IT staff account with Administrator access for everyday work. Yet IT staff generally will complain (I’m guilty of it) when they need do some administrative work. Now to make an administrators work easier (while following best practices) you give the IT staff user accounts and use another account to elevate the privileges when you need to get work done. There is a problem using the Windows RSAT tools on Windows , it tries to use your user account to do this, and since it’s not an administrator, it fails. On Windows 7 workstations you have to use a trick (shift+ right click -> Run as a different user) to get these RSAT tools to work. This can just be plain annoying to do, but there is a work around.
To eliminate the extra clicks and the need to enter your username and password every time you launch an admin tool from your user account, you can edit the shortcut to the tool to include the RUNAS command. This can be easily accomplished this on your machine by making copies of the RSAT shortcuts and placing them on your desktop and editing those copies. I would suggest not editing the start menu icons and that applies to all users and letting other users that might log in to your computer be able to launch these tools with the admin account. (Not Good)
Copy the shortcuts that live in the hidden folder at C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\. I copied the shortcuts of the tools I use and pasted them to the desktop.
Once you get the tools you use, copied to the desktop, Right-click on those new shortcuts and choose Properties. On the properties tab under the Target field change the text from:
%SystemRoot%\system32\runas /savecred /user:yourdomain\domainuser “mmc dsa.msc”
(It goes without saying buy: Replace yourdomain with the name of your domain and domainuser with the name of the admin account you want to use.)
I added the /savecred switch (optional) and this saves the password you type. Click OK and then double-click the icon for the RSAT you just edited. You’ll see a command window pop up that will ask you for the password associated with the account you entered in the /user switch. Type your password (don’t freak out because the cursor will not move), and hit enter, and the tool will launch. If you chose to use the /savecred switch, this is the only time you will be prompted to enter the password for that user. Saved passwords can be managed in the Credentials Manager (if you need to update or delete)