Run RSAT tools. Non domain joined PC?

siringo

Anyone know of a way in which I can run the Windows RSAT tools from my non domain joined W10 PC?

I go from client to client and I'm hoping to be able to run the Windows admin tools from my PC.

Or anyone know of an alternate program that may work?

JaredBusch

@siringo said in Run RSAT tools. Non domain joined PC?:

Anyone know of a way in which I can run the Windows RSAT tools from my non domain joined W10 PC?

I go from client to client and I'm hoping to be able to run the Windows admin tools from my PC.

Or anyone know of an alternate program that may work?

That is totally not how any of that works.

About the only thing that I can think of is to simply right click and run as.

But you also will run into the problem that RSAT tools are different on ever system

siringo

@JaredBusch said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

Anyone know of a way in which I can run the Windows RSAT tools from my non domain joined W10 PC?

I go from client to client and I'm hoping to be able to run the Windows admin tools from my PC.

Or anyone know of an alternate program that may work?

That is totally not how any of that works.

About the only thing that I can think of is to simply right click and run as.

But you also will run into the problem that RSAT tools are different on ever system

Nah, that'll only run the app as whoever on the local PC, it doesn't parse auth credentials to the external entity.

This works "runas /netonly /user:domain\username "mmc dsa.msc /server=REMOTEDC" but you have to run it from a cmd/powershell box & wait for the password prompt. It's also fiddly if you want to work in different apps that reside within different domains.

Francesco Provino

No, it won't work, I've tried several methods but they are neither functional nor supported. I know it's a shit, but I usually RDP in a domain-joined jumpbox and do all of my work from there.

Obsolesce

@siringo said in Run RSAT tools. Non domain joined PC?:

@JaredBusch said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

Anyone know of a way in which I can run the Windows RSAT tools from my non domain joined W10 PC?

I go from client to client and I'm hoping to be able to run the Windows admin tools from my PC.

Or anyone know of an alternate program that may work?

That is totally not how any of that works.

About the only thing that I can think of is to simply right click and run as.

But you also will run into the problem that RSAT tools are different on ever system

Nah, that'll only run the app as whoever on the local PC, it doesn't parse auth credentials to the external entity.

This works "runas /netonly /user:domain\username "mmc dsa.msc /server=REMOTEDC" but you have to run it from a cmd/powershell box & wait for the password prompt. It's also fiddly if you want to work in different apps that reside within different domains.

That's the beauty of security. Some outsider can't just come in to someone's network with their own hardware and successfully connect from all the RSAT tools.

That said, we know there are better ways. (SSH) Design flaw? No... just bad design and would quite a task to redo it... but seems like they are working toward it now with .NET core, PowerShell core, etc... so hopefully sometime.

IRJ

@Obsolesce said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

@JaredBusch said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

Anyone know of a way in which I can run the Windows RSAT tools from my non domain joined W10 PC?

I go from client to client and I'm hoping to be able to run the Windows admin tools from my PC.

Or anyone know of an alternate program that may work?

That is totally not how any of that works.

About the only thing that I can think of is to simply right click and run as.

But you also will run into the problem that RSAT tools are different on ever system

Nah, that'll only run the app as whoever on the local PC, it doesn't parse auth credentials to the external entity.

This works "runas /netonly /user:domain\username "mmc dsa.msc /server=REMOTEDC" but you have to run it from a cmd/powershell box & wait for the password prompt. It's also fiddly if you want to work in different apps that reside within different domains.

That's the beauty of security. Some outsider can't just come in to someone's network with their own hardware and successfully connect from all the RSAT tools.

Isnt that what PAW is for?

siringo

@IRJ said in Run RSAT tools. Non domain joined PC?:

@Obsolesce said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

@JaredBusch said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

Anyone know of a way in which I can run the Windows RSAT tools from my non domain joined W10 PC?

I go from client to client and I'm hoping to be able to run the Windows admin tools from my PC.

Or anyone know of an alternate program that may work?

That is totally not how any of that works.

About the only thing that I can think of is to simply right click and run as.

But you also will run into the problem that RSAT tools are different on ever system

Nah, that'll only run the app as whoever on the local PC, it doesn't parse auth credentials to the external entity.

This works "runas /netonly /user:domain\username "mmc dsa.msc /server=REMOTEDC" but you have to run it from a cmd/powershell box & wait for the password prompt. It's also fiddly if you want to work in different apps that reside within different domains.

That's the beauty of security. Some outsider can't just come in to someone's network with their own hardware and successfully connect from all the RSAT tools.

Isnt that what PAW is for?

What is PAW?

dbeato

@siringo said in Run RSAT tools. Non domain joined PC?:

@IRJ said in Run RSAT tools. Non domain joined PC?:

@Obsolesce said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

@JaredBusch said in Run RSAT tools. Non domain joined PC?:

@siringo said in Run RSAT tools. Non domain joined PC?:

Anyone know of a way in which I can run the Windows RSAT tools from my non domain joined W10 PC?

I go from client to client and I'm hoping to be able to run the Windows admin tools from my PC.

Or anyone know of an alternate program that may work?

That is totally not how any of that works.

About the only thing that I can think of is to simply right click and run as.

But you also will run into the problem that RSAT tools are different on ever system

Nah, that'll only run the app as whoever on the local PC, it doesn't parse auth credentials to the external entity.

This works "runas /netonly /user:domain\username "mmc dsa.msc /server=REMOTEDC" but you have to run it from a cmd/powershell box & wait for the password prompt. It's also fiddly if you want to work in different apps that reside within different domains.

That's the beauty of security. Some outsider can't just come in to someone's network with their own hardware and successfully connect from all the RSAT tools.

Isnt that what PAW is for?

What is PAW?

Privileged Access Workstations

https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/privileged-access-workstations