
Authenticate to a different host

Use case

This script block can be used in combination with an Azure Runbook, for example to run a PowerShell script on an Active Directory Domain Controller via an AD-joined Hybrid Worker. This gives you all the advantages of Azure Runbooks together with the ability to automate the core of Active Directory. In addition, an external source can dynamically check all AD DCs, and scheduled tasks no longer have to be installed manually on every domain controller for the same use case.

PowerShell Example

This code snippet authenticates to a host (server) using a different set of credentials for the connection. As written, it checks whether the user account in $ServiceAccountUPN has local administrator rights on the host in $ServerName. To customize the code that is executed on the remote machine, change the code inside -ScriptBlock {<insertcustomcodehere>}.

# Fill in the service account (UPN form), its password and the target host.
$ServiceAccountUPN = ""
$ServiceAccountPW = ""
$ServerName = ""

# Build a PSCredential object from the plain-text password.
$Password = ConvertTo-SecureString -AsPlainText $ServiceAccountPW -Force
$Credential = New-Object System.Management.Automation.PSCredential($ServiceAccountUPN, $Password)

# Run the script block on the remote host under the supplied credential (WinRM).
$output = Invoke-Command -Credential $Credential -ComputerName $ServerName -ScriptBlock {
    $CurrentUser = [Security.Principal.WindowsIdentity]::GetCurrent()
    # S-1-5-32-544 is the well-known SID of the local Administrators group.
    $isAdmin  = (New-Object Security.Principal.WindowsPrincipal $CurrentUser).IsInRole([Security.Principal.SecurityIdentifier] "S-1-5-32-544")
    # Use .Name: the identity object itself only stringifies to its type name.
    Write-Output "Output $($CurrentUser.Name) ($($isAdmin))"
}

$output

Invoke-Command uses Windows Remote Management (WinRM) under the hood.

Windows Remote Management

Windows Remote Management (WinRM) uses TCP port 5986, with HTTPS as the underlying protocol. WinRM is installed automatically with all currently supported versions of the Windows operating system, and the WinRM service starts automatically on Windows. By default, Internet Connection Firewall (ICF) blocks access to the WinRM ports.
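The following is an added example, not code from the original page: it wraps the same local-admin check from the PowerShell Example section in a runbook-style function, and ties in the WinRM section by first confirming that the HTTPS listener on TCP 5986 is reachable (which is exactly what the default firewall blocks). It assumes the script runs on an AD-joined Hybrid Worker inside an Azure Automation runbook, that the service account is stored as an Automation credential asset (the asset name 'SvcAccount' and the host name 'dc01.contoso.local' are constructed placeholders), and that the target host has a WinRM HTTPS listener with a certificate the worker trusts. Test-RemoteLocalAdmin is a hypothetical function name.

```powershell
# Added example (not from the original page). Assumptions: Azure Automation runbook on an
# AD-joined Hybrid Worker; credential asset 'SvcAccount' (hypothetical name); target host
# exposes a WinRM HTTPS listener on TCP 5986 with a trusted certificate.

function Test-RemoteLocalAdmin {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $ServerName,
        [Parameter(Mandatory)] [pscredential] $Credential,
        [int] $Port = 5986
    )

    # 1. Confirm the WinRM HTTPS listener is reachable before any credential is sent.
    #    Test-WSMan throws if the port is firewalled or no listener is configured.
    try {
        $null = Test-WSMan -ComputerName $ServerName -UseSSL -Port $Port -ErrorAction Stop
    }
    catch {
        return [pscustomobject]@{
            ServerName = $ServerName
            Reachable  = $false
            RemoteUser = $null
            IsAdmin    = $null
            Error      = $_.Exception.Message
        }
    }

    # 2. Run the check under the supplied credential over HTTPS (-UseSSL / port 5986),
    #    so the session is TLS-protected rather than relying on the HTTP listener.
    $remote = Invoke-Command -ComputerName $ServerName -Credential $Credential -UseSSL -Port $Port -ScriptBlock {
        $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
        $principal = New-Object Security.Principal.WindowsPrincipal $identity
        # S-1-5-32-544 is the well-known SID of the local Administrators group.
        [pscustomobject]@{
            RemoteUser = $identity.Name
            IsAdmin    = $principal.IsInRole([Security.Principal.SecurityIdentifier] 'S-1-5-32-544')
        }
    }

    # 3. Return a structured object so the runbook output can be parsed by a caller.
    [pscustomobject]@{
        ServerName = $ServerName
        Reachable  = $true
        RemoteUser = $remote.RemoteUser
        IsAdmin    = $remote.IsAdmin
        Error      = $null
    }
}

# Runbook body: the password comes from the Automation credential asset, so it never
# appears as plain text in the script, in source control or in the job output.
$cred = Get-AutomationPSCredential -Name 'SvcAccount'                      # hypothetical asset name
Test-RemoteLocalAdmin -ServerName 'dc01.contoso.local' -Credential $cred   # constructed host name
```

Compared with the snippet above, the differences a reviewer would look for are that the password is not embedded in the script, the transport is pinned to the HTTPS listener instead of whatever Invoke-Command defaults to, and a firewalled or missing listener is reported as a distinct result (Reachable = $false) rather than surfacing as a generic remoting error in the runbook job.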