NOTE: CPAU defaults to network logon, just like runas /netonly, so it won't verify the password until you connect.
When you type cpau /?, you receive:
CPAU V01.06.00cpp Joe Richards (email@example.com) May 2004 Usage: CPAU -u user \[-p password\] -ex "WhatToRun" \[switches\] user User to log on as. Ex: user or domain\user password User's password WhatToRun What to execute Switches: (designated by - or /) -profile Do local logon with profile instead of net logon -k Prefix command with cmd /k to leave window open -pipepwd Special method allows you to pipe password in -enc Encrypt a job file for later user -dec Use an ecrypted job file -file Specify job file to execute or create -wait Wait for process completion before returning. -cwd x Start at working directory x. -crc file\[,file,file\] This option allows you to encode CRC info for files in the job file. When decoded the CRC have to match or the program bombs. Note that it will not chase paths looking for the file, you must specify the exact path. Ex1: cpau -u joehome\joe -p logon -ex "perl cleanup.pl" Runs perl script cleanup.pl as joehomejoe Ex2: cpau -u joehome\joe -p logon -ex "perl cleanup.pl" -enc -file cleanup.job Creates job file called cleanup.job to run perl script cleanup.pl as joehomejoe Ex3: cpau -dec -file cleanup.job Execute job file cleanup.job Ex4: cpau -u joehome\joe -p logon -ex "perl cleanup.pl" -wait Runs perl script cleanup.pl as joehomejoe and waits for process to end Ex5: cpau -u joe -p logon -ex notepad.exe Runs notepad as user joe Ex6: cpau -u joehome\joe -p logon -ex logonscript.cmd -profile Runs logon script in current directory as user joe (see note below) Ex7: cpau -u joehome\joe -p logon -ex logonscript.cmd -profile -cwd c:\temp Runs logon script in/from c:\temp as user joe (see note below) Ex8: cpau -u joe -p logon -ex logonscript.cmd -enc -file logon.job -crc logonscript.cmd Encodes logon.job file and CRC protects the batch file Note: I had to add some protection to this. It seems people were running this with a networked drive for the current working directory. Microsoft prevents cross- security context access of network drives on purpose, this causes CPAU to not be able to fire the process up. To correct for that, if CPAU realizes your current working directory is a network drive it will change the CWD to the default local path (usually c:\windows\system32). To override this functionality you must specify the CWD option, note that if you set it to a network drive you most likely will not function properly. Also note that this is not a bug in CPAU, this is purposeful functionality from MS. You can see this out of anything that changes your local security context. Also note that if you are using this for a logon script or something else where you need the permissions to take affect locally, you need to specify the -profile switch. By default the process spawned has the current user's security context locally and the new security context remotely. Also keep in mind the note above concerning network drives, logon scripts run from network drives, you will need to set the CWD to a local machine (c:\temp maybe) and copy whatever files are necessary locally and then run cpau. This software is Freeware. Use it as you wish at your own risk. If you have improvement ideas, bugs, or just wish to say Hi, I receive email 24x7 and read it in a semi-regular timeframe. You can usually find me at firstname.lastname@example.org