Switch users from Taskmgr without admin password
In order for administrators to understand a user’s problem, they need to log on as the user, who usually need their password, but if the user is not at their workplace, the admin can reset his password to get his user profile afterwards. This article shows how to do it without a user password.
This will be done using the PsExec tool, which we copied to the download folder before.
PsExec by Mark Russinovich is part of the Sysinternals Suite, which is now part of Microsoft, Sysinternals are system tools developed as freeware, PsExec can be downloaded here.
The help desk employee opens a Command Prompt with raised right and performs the following command:
%USERPROFILE%\Downloads\PsExec -SID cmd.exe
From the second command prompt, which is now open, the task manager (taskmgr) is started:
Now in the task manager with the mouse go over the corresponding user, and with the right mouse button click on Connect, the switch to the user now happens without entering a password.
Especially on a terminal server, this solution is very effective for admins, where several users are logged in, wherethe admin can switch to its session without a user password. It should also be mentioned here that this is not a security vulnerability, otherwise the admin can also do and leave what he wants, for users with normal rights this procedure is not possible.