Set uid for windows
See here: Is there an equivalent of SU for Windows
Essentially, the architecture of the OS prevents doing what you'd like w/o storing credentials. Yes, you can store them "encrypted", but if the user isn't supposed to have to type anything (like, say, a password) whatever "encryption" you use to store the credentials will have its key stored right along side such that it can be "decrypted" (really encoded / decoded) at the time the user accesses it.
Getting Windows NT operating systems to create an access-token as another use w/o specifying their password requires calling undocumented native-mode APIs. The RunAsEx project will do that, but it could break in future releases of Windows.
runas (at least on xp sp3) has option "/savecred" - it asks for password the first time and then it uses stored one (even after reboot).
There's Encrypted RunAs and a free alternative CPAU. Although I wouldn't use those until absolutely necessary.
There is a special program for these purposes - Admilink.
It creates an special encrypted link to targeted file (I test in only with .exe files) - you need to do this action only once. When you click on link - program (Admirun.exe) automatically starts the program in link with the special rights (Rigths depends of selected User during link creation process - you can use admin account or domain account name etc).
Restrictions:
During link creating process (only once) you need to have admin account.
Admirun.exe must be presented in your Windows folder (module included in Admilink).
All documentation on Russian :). Teach russian or ask me for additional help
P.S. It's FREE for non-comercial use.
P.P.S It has lots of additional functions