Using native commands over remote connection

Tagged: 

This topic contains 8 replies, has 2 voices, and was last updated by Profile photo of i255d i255d 2 years ago.

  • Author
    Posts
  • #18895
    Profile photo of i255d
    i255d
    Member

    I just finished watching Don Jones video's on CBT Nugget on how to run native commands, but I need to run these remotely I need to change the password on a domain that my laptop isn't a member of. I have already changed the trusted host file so I can make the connection to one of the servers in the domain to run the comand from, but I can't get the commands to work. All of the DC's in that domain are 2003 DC's.

    [172.99.26.21]: PS C:\Users\admin\Documents> net user 'testuser' /DOMAIN | FIND /I "Account active"

    [172.99.26.21]: PS C:\Users\admin\Documents>
    See, no output 😉
    I think I have two problems, one is syntax, where to I put the quotes and the other passing credentials. HELP please!!!

  • #18917
    Profile photo of Mike F Robbins
    Mike F Robbins
    Participant

    I'm testing your scenario with 2008 R2 domain controllers and it works without issue even when I connect to a member server instead of a domain controller using:

    Enter-PSSession -ComputerName 172.99.26.21 -Credential (Get-Credential)

    Then I run the following:

    net user 'testuser' /DOMAIN | FIND /I "Account active"

    And it returns:

    Account active No

  • #19001
    Profile photo of i255d
    i255d
    Member

    Sorry for taking so long to respond, I guess I was expecting an email if someone responded. Just to verify, the workstation that you used, is not a member of the domain? I just tried it again, and I still get nothing.

    $cred = Get-Credential -Credential 'domain\domainadmin'
    Enter-PSSession -ComputerName '10.199.25.121' -Credential $cred
    [10.199.25.121]: PS C:\Users\diverso\Documents> net user 'DomainUser' /DOMAIN | FIND /I "Account active"
    NOTHING

  • #19002
    Profile photo of Mike F Robbins
    Mike F Robbins
    Participant

    I wasn't sure if that's how I tested it so I decided to re-test and I'm able to replicate the problem. If you run only the first part of the command:

    $cred = Get-Credential -Credential 'domain\domainadmin'
    Enter-PSSession -ComputerName '10.199.25.121' -Credential $cred
    [10.199.25.121]: PS C:\Users\diverso\Documents> net user 'DomainUser' /DOMAIN

    I bet you'll receive an access denied error. Since you're connected to a member server and running the command in a remote session, it's trying to contact a domain controller and you're experiencing the double-hop problem.

    The reason you receive nothing when you pipe to the FIND command is because the first part of the command doesn't produce any results.

  • #19490
    Profile photo of i255d
    i255d
    Member

    Thanks Mike. So, because I am running it remotely, the first command doesn't work because the credentials won't carry to the DC? Will this work if I create an end point on this server and give it the command and credential and then make that only available to a certain group?

  • #19836
    Profile photo of i255d
    i255d
    Member

    Can this be done if I enable wsmancredssp?

    • #20137
      Profile photo of i255d
      i255d
      Member

      Anyone, do we think this can be done with credssp?

  • #20486
    Profile photo of i255d
    i255d
    Member

    Ok, I got this working with WSMCredssp. I had to enable WSMancresssp on the server that the native commands would try and access:

    Enable-WSManCredSSP -Role server -Force #run this on endpoint server

    The last issue is how to add new line between the lines in the body of the email.

    Thanks DON, great training, ready for feedback.

    function Unlock-DOMUser {
    [CmdletBinding()]
    Param (
    [parameter(Mandatory=$true,
    Position=0,
    ParameterSetName="Status")]
    [parameter(Mandatory=$true,
    Position=0,
    ParameterSetName="Unlock")]
    [parameter(Mandatory=$true,
    Position=0,
    ParameterSetName="Reset")]
    [String]$DOMeid,
    [parameter(Mandatory=$true,
    ParameterSetName="Status")]
    [Switch]$AccountStatus,
    [parameter(Mandatory=$true,
    ParameterSetName="Unlock")]
    [Switch]$AccountUnlock,
    [parameter(Mandatory=$true,
    ParameterSetName="Reset")]
    [Switch]$AccountReset,
    [parameter(Position=2,
    ParameterSetName="Reset")]
    [String]$EmailAddress = "$DOMeid@domdom.com"
    )

    Begin{
    #Get-Item -Path WSMan:\localhost\Client\TrustedHosts
    Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value 'atl01osi357' -Confirm:$false -Force
    Enable-WSManCredSSP -DelegateComputer serv01oss333.DOM.DOM.com -Force -Role Client | Out-Null
    $User = "DOM\svc-custkkreset"
    $PWord = ConvertTo-SecureString –String 'password' -AsPlainText -Force
    $Credential = New-Object –TypeName System.Management.Automation.PSCredential –ArgumentList $User, $PWord
    $credsp1 = New-PSSession -ComputerName 'serv01oss333.DOM.DOM.com' -Credential $Credential -Name credssp1 -Authentication Credssp

    }#end begin

    Process{
    if ( $AccountStatus ) {
    Invoke-Command -session $credsp1 -ScriptBlock { param($DOMeid) net user $DOMeid /DOMAIN | FIND /I "Account active"} -ArgumentList $DOMeid
    }#end if

    if ( $AccountUnlock ) {
    Invoke-Command -session $credsp1 -ScriptBlock { param($DOMeid) Net user $DOMeid /DOMAIN /active:YES } -ArgumentList $DOMeid
    }#end if

    if ( $AccountReset ) {
    $randn = get-random -min 101 -max 999
    [string]$randl = (Get-Random -InputObject 'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z' -Count 4)
    $randl = $randl.Replace(' ',")
    [string]$paswd = "!DOM"+$randl+$randn

    Invoke-Command -session $credsp1 -ScriptBlock { param($DOMeid,$paswd) Net user $DOMeid $paswd /DOMAIN /active:YES } -ArgumentList $DOMeid,$paswd

    Send-MailMessage -From "cs@domdom.com" `
    -Cc me@DomDom.com `
    -Subject "DOM Pasword Reset" `
    -BodyAsHtml -Body "Your DOM password had been reset to $paswd, please reset at next logon. `
    If you still need help, contact the Service Desk:`r`n `
    For Field Associates: 777-llll For Corporate Campus: ext1111" `
    -To "$EmailAddress" -SmtpServer email.DOM.com

    }#end if

    }#end process

    End{
    Remove-PSSession -Session $credsp1
    Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value " -Confirm:$false -Force
    }#end end

    }#end function

  • #20519
    Profile photo of i255d
    i255d
    Member

    The `r and `n do nothing. Why is that?

You must be logged in to reply to this topic.