Wednesday, August 24, 2011

Remote server management with alternate credentials

This post is something of a throwback to the early Windows NT days, and is still applicable for newer OS's (NT and anything Windows 2000 and above). If you are trying to manage a system remotely (not using remote desktop or similar VNC type technology), you will frequently be using RPC based connections. Tools like pstools, MMC's (eventvwr, compmgmt.msc, etc), regedit and many others use this type of connection. If you the machine you are connecting to does not allow access with your credentials, is not a member of your forest, or is not joined to a domain; then there is one easy way to get all of your tools working. If you use the command line tool for drive mapping, you can also create an authenticated RPC session between your machines which will be used in any access attempt you make after this.

Here is an example of connecting to a remote server using the local administrator account on that machine:

net use \\remoteserver\ipc$ /user:remoteserver\administrator *

The * at the end of the command will cause a prompt for password to come up when you run it. If the connection is successful, you have authenticated with alternate credentials. Now you can use your RPC based tools for access with no problems.

To remove these connections: net use \\remoteserver\ipc$ /delete

No comments:

Post a Comment