NetSPI / PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Connecting from non-domain joined machine #72

Closed 0xJs closed 6 months ago

0xJs commented 2 years ago

I'm trying to connect from a non-domain joined machine with the following command: Get-SQLInstanceDomain -DomainController dc1.domain.local -Username domain\username -Password password123

It does not show that there are any SQL servers, which there are.

VERBOSE: Grabbing SPNs from the domain for SQL Servers (MSSQL*)...
VERBOSE: 0 SPNs found.
VERBOSE: Parsing SQL Server instances from SPNs...
VERBOSE: 0 instances were found.

Also tried running it with runas as the user, but no luck.

nullbind commented 2 years ago

At the moment you still have to do a runas /netonly /user domain\user powershell.exe prior to running that command. It’s a known issue. Sorry for the hassle on that one.

0xJs commented 2 years ago

Sorry for response. But I did use runas /netonly /user domain\user powershell.exe

Tried it again:

runas /netonly /user:domain\user powershell.exe

#in new powershell window
PS C:\Windows\system32> Get-SQLInstanceDomain -DomainController dc.domain.local -Verbose
VERBOSE: Grabbing SPNs from the domain for SQL Servers (MSSQL*)...
VERBOSE: 0 SPNs found.
VERBOSE: Parsing SQL Server instances from SPNs...
VERBOSE: 0 instances were found.

Adding -Username domain\user or just user and -password doesn't work with it either.

0xJs commented 2 years ago

Running a PowerView command in the same session (from the runas) with just the -Server parameter works.
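As an added example (not PowerUpSQL's own code), the same SPN-based SQL Server inventory the thread is trying to run, done with a DirectorySearcher that is bound with an explicit PSCredential, so the LDAP query carries the domain credential itself instead of relying on a runas /netonly logon. The names dc.domain.local and domain\user are the thread's placeholders; the function and its parameters are assumptions of this example.

```powershell
function Get-MssqlSpnInventory {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $DomainController,
        [Parameter(Mandatory)] [System.Management.Automation.PSCredential] $Credential
    )
    $user = $Credential.UserName
    $pass = $Credential.GetNetworkCredential().Password

    # Bind to RootDSE with the supplied credentials to learn the domain naming context.
    $rootDse = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$DomainController/RootDSE", $user, $pass)
    $baseDn  = $rootDse.Properties['defaultNamingContext'][0]

    # Search the whole domain for accounts that advertise an MSSQLSvc SPN (same data Get-SQLInstanceDomain parses).
    $searchRoot = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$DomainController/$baseDn", $user, $pass)
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($searchRoot)
    $searcher.Filter   = '(servicePrincipalName=MSSQLSvc/*)'
    $searcher.PageSize = 1000
    [void]$searcher.PropertiesToLoad.AddRange(@('samaccountname', 'serviceprincipalname'))

    $results = $searcher.FindAll()
    try {
        foreach ($result in $results) {
            $account = $result.Properties['samaccountname'][0]
            foreach ($spn in $result.Properties['serviceprincipalname']) {
                if ($spn -notlike 'MSSQLSvc/*') { continue }   # accounts often carry other SPNs too
                # SPN forms: MSSQLSvc/host.fqdn:1433 (TCP port) or MSSQLSvc/host.fqdn:INSTANCE (named instance)
                $hostName, $suffix = $spn.Substring('MSSQLSvc/'.Length) -split ':', 2
                $instance = if ($suffix -match '^\d+$') { "$hostName,$suffix" } else { "$hostName\$suffix" }
                [pscustomobject]@{
                    Account  = $account      # service account or computer account owning the SPN
                    Host     = $hostName
                    Instance = $instance     # connection-string form of the instance
                    Spn      = $spn
                }
            }
        }
    }
    finally { $results.Dispose(); $searcher.Dispose() }
}

# Usage with the thread's placeholder names; prompts for the domain password.
# Get-MssqlSpnInventory -DomainController dc.domain.local -Credential (Get-Credential 'domain\user')
```

If this query returns rows while Get-SQLInstanceDomain reports "0 SPNs found" from the same host, the difference lies in how the credential reaches the LDAP bind rather than in the directory data.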