Kerberos Delegation

When authenticating against a server across the network a common problem that people encounter is the inability to access downstream servers like a file share. This is because the network session that is running the code does not have access to the account’s secret to regenerate the network tokens required to access that downstream server. … [Read more…]

Windows mapped drives – what the hell is going on?

Mapped drives have always been a curiosity for me, I’ve used them before in the past but usually come across an issue that forces me to abandon them. Alongside my curiosity, there has also been some demand in Ansible to be able to manage mapped drives and in my naivety I created a very basic … [Read more…]

Windows host through SSH bastion on Ansible

A use case I’ve been asked about a few times is to be able to connect to a Windows host through another bastion host. In the context of this post, a bastion host is “a server that is placed on the boundary of an internal network and provides access to this network from another external … [Read more…]

Introducing PsExec for Python

Over the past few months I’ve been trying to find a way that gives people more options around running commands on a Windows host remotely. Currently you have a few options available to you that enable this; Configure WinRM Bake in commands to the startup process, like a Windows answer file or AWS user data … [Read more…]

Demystifying WinRM

One of the most common problems I come across today when it comes to remotely managing Windows is dealing with WinRM and its inconsistencies. I wanted to create a blog post that will help people understand what goes on with WinRM a bit more so that they can better use this resource on Windows. This … [Read more…]

Using Packer to create Windows images

As part of my role as a developer for Ansible on everything Windows, I have a need to test my code on a wide variety of Windows and PowerShell versions. I ended up having a setup of the following to cover my bases; Windows Server 2008 64-bit (PowerShell 3.0) Windows Server 2008 R2 (PowerShell 3.0) … [Read more…]

Managing Windows Servers with Ansible

Since version 1.7, Ansible has been able to manage Windows hosts like it can with normal unix OS’. Granted, the meaning of “support” at that time was fairly basic with a lot of the killer features like check mode, become privilege escalation, and others were not available for Windows hosts but it was a start. … [Read more…]