Book Image

Mastering Windows PowerShell Scripting (Second Edition) - Second Edition

By : Brenton J.W. Blawat
Book Image

Mastering Windows PowerShell Scripting (Second Edition) - Second Edition

By: Brenton J.W. Blawat

Overview of this book

PowerShell scripts offer a handy way to automate various chores. Working with these scripts effectively can be a difficult task. This comprehensive guide starts from scratch and covers advanced-level topics to make you a PowerShell expert. The first module, PowerShell Fundamentals, begins with new features, installing PowerShell on Linux, working with parameters and objects, and also how you can work with .NET classes from within PowerShell. In the next module, you’ll see how to efficiently manage large amounts of data and interact with other services using PowerShell. You’ll be able to make the most of PowerShell’s powerful automation feature, where you will have different methods to parse and manipulate data, regular expressions, and WMI. After automation, you will enter the Extending PowerShell module, which covers topics such as asynchronous processing and, creating modules. The final step is to secure your PowerShell, so you will land in the last module, Securing and Debugging PowerShell, which covers PowerShell execution policies, error handling techniques, and testing. By the end of the book, you will be an expert in using the PowerShell language.
Table of Contents (24 chapters)
Title Page
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface

The double-hop problem


The double-hop problem describes a scenario in PowerShell where remoting is used to connect to a host and the remote host tries to connect to another resource. In this scenario, the second connection, the second hop, fails because authentication cannot be implicitly passed.

There have been numerous articles discussing this problem over the years. Ashley McGlone published a blog post in 2016 that describes the problem and each of the possible solutions:

https://blogs.technet.microsoft.com/ashleymcglone/2016/08/30/powershell-remoting-kerberos-double-hop-solved-securely/

This section briefly explores using CredSSP, as well as how to pass explicit credentials to a remote system. Neither of these options is considered secure, but they require the least amount of work to implement.

The two options discussed as follows are therefore useful when:

  • The remote endpoint is trusted and has not been compromised.
  • Critical authentication tokens can be extracted by any administrator on the...