RPC Encryption – An Exercise in Frustration

Since of the release of Windows LAPS and the introduction of encrypted passwords I’ve been working towards a way of decrypting these payloads on non-Windows platforms. One of the key components of getting this working is to not only have a working RPC client but also support the RPC authentication level RPC_C_AUTHN_LEVEL_PKT_PRIVACY. I’ve worked with … [Read more…]

Kerberos Delegation

When authenticating against a server across the network a common problem that people encounter is the inability to access downstream servers like a file share. This is because the network session that is running the code does not have access to the account’s secret to regenerate the network tokens required to access that downstream server. … [Read more…]

Wacky WSMan on Linux

A few years ago I jumped from doing all my dev work on Windows to Linux. This migration has had a few challenges but one of the things I struggled with initially was the lack of native tooling that can be used to easily and seamlessly interact with other Microsoft products. I’ve typically found some … [Read more…]

Windows mapped drives – what the hell is going on?

Mapped drives have always been a curiosity for me, I’ve used them before in the past but usually come across an issue that forces me to abandon them. Alongside my curiosity, there has also been some demand in Ansible to be able to manage mapped drives and in my naivety I created a very basic … [Read more…]

Windows host through SSH bastion on Ansible

A use case I’ve been asked about a few times is to be able to connect to a Windows host through another bastion host. In the context of this post, a bastion host is “a server that is placed on the boundary of an internal network and provides access to this network from another external … [Read more…]

PowerShell Remoting on Python

One thing I am looking into everyday as part of my job is how to make the remote management of Windows servers easier. Currently the best way is through WinRM but as I’ve written about before, WinRM can be such a vague term. It can mean refer to different technologies and the answer to what … [Read more…]

Introducing PsExec for Python

Over the past few months I’ve been trying to find a way that gives people more options around running commands on a Windows host remotely. Currently you have a few options available to you that enable this; Configure WinRM Bake in commands to the startup process, like a Windows answer file or AWS user data … [Read more…]

Demystifying WinRM

One of the most common problems I come across today when it comes to remotely managing Windows is dealing with WinRM and its inconsistencies. I wanted to create a blog post that will help people understand what goes on with WinRM a bit more so that they can better use this resource on Windows. This … [Read more…]

Using Packer to create Windows images

As part of my role as a developer for Ansible on everything Windows, I have a need to test my code on a wide variety of Windows and PowerShell versions. I ended up having a setup of the following to cover my bases; Windows Server 2008 64-bit (PowerShell 3.0) Windows Server 2008 R2 (PowerShell 3.0) … [Read more…]