[GH-ISSUE #1625] Script Manager: Run As User flag doesn't work on Windows 11 #1016

Closed
opened 2026-03-02 02:20:38 +03:00 by kerem · 1 comment

Originally created by @NiceGuyIT on GitHub (Sep 8, 2023).
Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/1625

Server Info (please complete the following information):

  • OS: Ubuntu 20.04.4 LTS
  • Browser: Firefox 116.0.2
  • RMM Version (as shown in top left of web UI): v0.16.4

Installation Method:

  • [X] Standard
  • [ ] Docker

Agent Info (please complete the following information):

  • Agent version (as shown in the 'Summary' tab of the agent from web UI): Agent v2.5.0
  • Agent OS: Windows 10 Pro, 64 bit v22H2 <- Works
  • Agent OS: Windows 11 Pro, 64 bit v21H2 <- Fails

Describe the bug
The Run As User flag is not honored on Windows 11.

To Reproduce
Steps to reproduce the behavior:

  1. Go to Script Editor
  2. Create a PowerShell script with the contents below.
  3. Select a Windows 11 machine to run it on.
  4. Do NOT check Run As User. The output should indicate it's being run as nt authority\system, the group will include Mandatory Label\System Mandatory Level and environmental variables will reflect the system (i.e. USERNAME, USERPROFILE, TEMP, APPDATA).
  5. Check the Run As User box and run the script again.
  6. Notice the output is the same.
  7. Running the commands as a Batch (CMD) produces the same output.
  8. Repeat steps 4 and 5 on a Windows 10 machine.
  9. Notice the values change if Run As User is checked. Windows 10 is working as expected.

Powershell script to dump the user, groups and environment.

```powershell
whoami
whoami /groups
Get-ChildItem ENV:*
```

CMD script to dump the user, groups and environment.

```cmd
whoami
whoami /groups
powershell -command "Get-ChildItem ENV:*"
```

Expected behavior
I expect the Run As User flag to work as expected across all versions of Windows.

Screenshots
N/A

Additional context
This may be related to the fix for #1614, but since I updated both dev and prod, I can't test the previous agent version.

kerem closed this issue 2026-03-02 02:20:38 +03:00

@NiceGuyIT commented on GitHub (Sep 8, 2023):

This is not an issue. I was logged on via RDP but disconnected. This is explained in the [docs](https://docs.tacticalrmm.com/howitallworks/#runasuser-functionality).

> 2. The user has to be logged in, if the computer is still sitting at the Login screen there will be no active user to discover, and fail. If you're using fast user switching, it is the active user that will be discovered and used.

To be clear, if query session does not return an Active session, Run As User will fail. In this case, the session is disconnected and Run As User will not work.

```text
C:\> query.exe session
 SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
>services                                    0  Disc
                   dev                       2  Disc
 console                                     6  Conn
 rdp-tcp                                 65536  Listen
```

Here we have an active session. This can be achieved by logging in using Mesh and then disconnecting. This will leave the user session active on the console and Run As User works.

```text
C:\> query.exe session
 SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
>services                                    0  Disc
 console           dev                       2  Active
 rdp-tcp                                 65536  Listen
```
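The check described in the comment above, as an added PowerShell example that is not part of the original issue or of Tactical RMM's code: it parses `query session` output and returns only the sessions in the `Active` state, which is the precondition the comment gives for Run As User. It assumes English column headers; the function name `Get-ActiveSession` and the sample rows are constructed for illustration.

```powershell
# Added example (not Tactical RMM code). Assumes English `query session` headers.
function Get-ActiveSession {
    param([string[]]$Lines = (query.exe session 2>$null))

    $header = $Lines | Where-Object { $_ -match 'SESSIONNAME' } | Select-Object -First 1
    if (-not $header) { return }

    # Columns are fixed-width; take the offsets from the header row.
    $userIdx = $header.IndexOf('USERNAME')
    $idEnd   = $header.IndexOf(' ID ') + 3   # ID is right-aligned and ends here

    foreach ($line in $Lines) {
        if ($line -eq $header -or $line.Length -le $idEnd) { continue }

        # USERNAME may be blank, so match "[user] id" on the slice covering both columns.
        $mid = $line.Substring($userIdx, $idEnd - $userIdx).Trim()
        if ($mid -notmatch '^(?:(?<user>.+?)\s+)?(?<id>\d+)$') { continue }

        $session = [pscustomobject]@{
            SessionName = $line.Substring(1, $userIdx - 1).Trim()
            UserName    = [string]$Matches['user']
            Id          = [int]$Matches['id']
            State       = ($line.Substring($idEnd).Trim() -split '\s+')[0]
        }
        if ($session.State -eq 'Active') { $session }
    }
}

# Constructed sample rows modeled on the two outputs in the comment above.
$fmt  = '{0}{1,-18}{2,-22}{3,5}  {4}'
$head = $fmt -f ' ', 'SESSIONNAME', 'USERNAME', 'ID', 'STATE   TYPE        DEVICE'
$disconnected = @(
    $head
    ($fmt -f '>', 'services', '', 0, 'Disc')
    ($fmt -f ' ', '', 'dev', 2, 'Disc')
    ($fmt -f ' ', 'console', '', 6, 'Conn')
)
$active = @(
    $head
    ($fmt -f '>', 'services', '', 0, 'Disc')
    ($fmt -f ' ', 'console', 'dev', 2, 'Active')
)

foreach ($sample in $disconnected, $active) {
    $found = @(Get-ActiveSession -Lines $sample)
    if ($found.Count) { "Run As User target: $($found[0].UserName) (session $($found[0].Id))" }
    else              { 'No Active session: Run As User will fail' }
}
```

Called without `-Lines`, the function reads the live output of `query.exe session` on the machine it runs on.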