Create Windows 7 User Profile using RUNAS

by George Almeida · Published March 27, 2014 · Updated December 28, 2014

You may find yourself in a tight spot where you need to create a Windows 7 user profile, for one reason or another, on a computer with limited network connectivity. A Windows 7 profile is automatically created the first time a user logs into their computer. The user profile stores the cached credentials of the user which comes in extremely handy on a computer that is joined to a corporate domain. Why? Because the user can log into the computer even when the computer is NOT connected to the domain or off the network. Trust me, this was a huge improvement over Windows XP. Anyway, there are a few ways to accomplish this but this post only mentions the use of the RUNAS command to accomplish this goal. Let me layout a couple of scenarios where using this method may help you out of a bind.

Scenario 1 – Rename AD Account on computer connected via VPN
Imagine the following, if you will. You a remote user who is connected to the corporate network via VPN. He or she works from home and rarely ever travels to the corporate office or any other facility connected to the network. You need to rename this user’s active directory account to match your standards. Perhaps this was a user account that has been migrated from another domain and it is finally time to cleanup loose ends and rename the account. Normally this is very easy to do if the user is working on a computer that is locally connected to the network. Just rename the account and have the user log off and back on. Simple, right?. But, it isn’t that simple when the user is connected via VPN. If you rename the account, then have the user log off and back on, using the renamed account, Windows can’t log in because there are no cached credentials to use. This new “renamed” account hasn’t logged on at least one time thus presenting the proverbial chicken before the egg dilemma. It seems hopeless until you realize there is a work-around. While logged on with the old user account, all you need to do is use the RUNAS feature to run a program such as Notepad as the new user account. Basically just find an executable such as Notepad, hold the Shift key and Right-click notepad.exe and select Run as different user. When prompted for credentials, type in the newly renamed account and password. This will create the LSA (Local Security Authority) credentials that is needed in order to log onto the computer. Have the user log off, this will disconnect his VPN connection. Then have him or her log back on, but this time have them use the new renamed account. Windows will log them on because the LSA was created when you did the RUNAS. I have tested this and it works like a charm. See the detail step-by step instructions at the end of this post.

Scenario 2 – Using domain credentials on tablet without wireless network
You have just joined a wireless tablet to the corporate domain and rebooted. Once you receive the CTL-ALT-DLT logon prompt, you attempt to logon with your domain credentials but you can’t because the wireless network has not made the connection to the secured wireless network which, by the way, requires you to enter in your domain credentials. We seem to have a cart before the horse situation brewing here. I felt like I needed to use a different analogy other than the chicken and egg thing. Anyway, just assume for the moment that you do not have the time to figure out why your wireless connection isn’t connecting to your wireless network PRE-LOGON and if it did, how are you going to pass the credentials? Yes, of course you can connect a USB NIC adapter and hard wire the darn thing but for this scenario, let’s just assume that you don’t have such an adapter handy. Once again, you can use the RUNAS feature as a solution. Use the same exact steps as described in Scenario 1 to create the profile while logged on to the tablet with a local account. Below are the detailed instructions on how to accomplish this. I hope this helps someone out of a jam someday. If so, give us a Like, Tweet, Google+, share or leave a comment if so inclined.

Using RUNAS to create a Windows 7 User Profile
Click the Start button, type notepad.