As a part of my work I sometimes connect to a network with an AD environment/Domain, and receive domain user credentials. However, my machine is not a part of the domain. So when I try to query the domain (inside a runas /netonly) window, I get this:
C:\Windows\system32>net accounts /do
The request will be processed at a domain controller for domain WORKGROUP.
System error 1355 has occurred.
The specified domain either does not exist or could not be contacted.
However, if I run the same command from a computer inside that domain I get:
C:\Windows\system32>net accounts /do
Force user logoff how long after time expires?: Never
Minimum password age (days): 0
Maximum password age (days): 42
Minimum password length: 0
Length of password history maintained: None
Lockout threshold: Never
Lockout duration (minutes): 30
Lockout observation window (minutes): 30
Computer role: domain.local
The command completed successfully.
Again, this is inside a runas /netonly window titled "cmd/exe (running as domain.loca\username)".
The same happens for all similar commands such as "net user username /domain"
Is there any way to query these "net" commands from a computer outside the domain (whilst having a domain user of course)?
As additional note, some external tools (like the Windows Resource Kit or even PingCastle) work perfectly with runas / netonly.
No comments:
Post a Comment