Windows AD network with smart card authentication - how to execute commands remotely?

Cerulean

Greetings!

Here's the story:
Administrators receive a smart card for authentication. They connect via VPN from a work laptop, then use RDP with the smart card for authentication. They never type in a password.

A particular server responds to pings, but hangs up at RDP login waiting for smart card authentication / "Welcome..." message. Cannot connect to server from mmc, but can access the administrative C$ UNC share.

In an environment setup depending on smart cards for authentication, is it possible to execute commands remotely on servers? Example: query user /server:HOSTNAME and shutdown /r /t 0 /f /m \\HOSTNAME

I have a suspicion that simply executing those commands will not work, and that an additional step is necessary or that it isn't possible due to the authentication mechanism required and that the server would need to be rebooted via KVM/iLO/DRAC/IPMI/ILOM.



EDIT: OK, got it! Open cmd, execute runas /smartcard cmd.exe. It will probably ask for a PIN, so enter it. This will open up a cmd authenticated using the smartcard. Using the 'query user /server:HOSTNAME' (or 'quser /server:HOSTNAME') commands there was success this time. My thought process was correct. Yay
 
Not many places use a smartcard (solely) for authentication.

Generally, for higher levels of security you want dual factor, like something you know (password) and something you have (smartcard, token, certificate, etc.).
 