Originally posted by: stash
probably closest thing to SUDO would be the "runas" command (which has been effectively disabled unless you enable the built in administrator (root) account...which is disabled by default in Vista.
Runas is still there, but only from the command line. Right clicking on a shortcut gives you the 'run as administrator' command now.
You don't really ever switch accounts
You do if you run as a 'real' normal user (not an admin with a split token). If you run as a regular user and you do something that requires elevation, you will be prompted to enter the credentials of an admin account.
This all can be controlled by policy of course. For instance, in corporate environment, you might not want users getting prompted to enter admin creds. That will generate a lot of helpdesk calls ("hey, what's the password?"). Instead, you can configure it so that they'll just get a "you don't have permission to do this" type message.
To me, UAC is much more effective if you actually run as a normal user, and not as an admin with a split token. The consent UAC dialog justs requires an admin user to click ok, whereas the credential UI that a normal users gets requires them to enter credentials.