Hurray, put this topic to rest!

I contacted Keith Brown, author of Programming Windows Security.

Excerpts:

JIM
quote:
I am seeking a solution using any scripting language (KIX, VBS, JS with WMI or WSH or any other means) to connect to a remote box and access the network through that box, without using tools like SU.EXE or PSEXEC.EXE. I have managed to connect via all languages and means, but I keep running into the dreaded ERROR 1312 - A specified logon session does not exist. It may already have been terminated. Is there any way around this using a scripting language?

KEITH
quote:
So you wish to establish something like a remote console on the target machine? Kind of like a telnet session? Or are you simply trying to access the file system on the remote machine?

JIM
quote:
I can already connect to the remote machine using the impersonate method in WMI or the WSHController object in WSH; unfortunately, when I am connected, I do not have access to network resources through the remote box. It is like a Telnet session already...

KEITH
quote:
Ahh. You are running into the classic delegation problem. You are trying to make two network hops with your credentials. This won’t work by default, and I’m not sure you even *want* it to work unless you really trust that remote box to which you’d delegate your credentials.

JIM
quote:
You hit it on the nose. Unfortunately, delegation, from what I understand, will only work under Kerberos authentication supplied by AD. ...I don't think VBS or Kix are capable enough to handle any other required means...

KEITH
quote:
If you’re using NTLM, then the only way to delegate your credentials would be to send your password to the remote machine, using an encrypted link. NTLM does support encryption, but you won’t be doing this via scripting languages anytime soon, as you’ve pointed out.

_________________________
-Jim

...the sort of general malaise that only the genius possess and the insane lament.