Using admin cert on smart card to view filesystem

This topic contains 1 reply, has 2 voices, and was last updated by  Rick 1 week ago.

  • Author
    Posts
  • #84092

    B
    Participant

    Scenario: Win7 and Win10; I use a smart card which holds privileged (admin) and unprivileged (user) certs; would like to not need to log out of user and into admin to do something as simple as view restricted folders and their permissions etc.

    Goal: While logged into my unprivileged account, invoke my admin certificate on the smart card to enable viewing/editing of group-restricted folders in explorer.

    What I've tried: using the -smartcard argument with runas, using -user argument to specify my admin account; using -user along with the specific file path I'm attempting to access by pasting it after the explorer.exe (runas -user:adminacc explorer.exe \\server\drivename); using both of those arguments together

    Results: opens explorer, but explorer does not recognize e as admin at the point of clicking on the shared drive and attempting to open the targeted folder; when using both together it gives an error if I try to specifiy the folder path as I have done while solely utilizing the -user argument

    Anyone mind pointing me towards the right direction? I'm getting to the point of feeling like I am investing more time than the return I'd potentially get if/when I figure this out. Thank you for any guidance you can provide.

  • #84152

    Rick
    Participant

    Try using something other than explorer.exe to browse the remote share. You could even try launching runas with notepad and use the file open in notepad to see if you can access the folders. It might be that explorer.exe is to tightly tied to your current windows session.

You must be logged in to reply to this topic.