Aajnow
commented
6 years ago Was in the middle of an engagement, fortunately the client allowed domain users to add computers to the domain, fired up a Win-VM and now could request a SPN worked and the hashes retrieved, I assume it uses the computer account to authenticate and create a secure channel to request an SPN and it wont work over a non domain joined machine, even when run with runas or powershell get-credential command ????
ankushgoel27
Rourke101
I am running the standalone script for Invoke-Kerberaost from a non-domain joined machine with a normal domain account. When running it by firing up powershell with the runas command I get the error " New-Object : Exception calling ".ctor" with "1" argument(s): "The NetworkCredentials provided were unable to create a Kerberos credential, see inner exception for details."" Also the same error when i use the -Credential option. Any missing there ??