Partager via


double hop issue

Didn't hear about double hop issue for some time then one intern came to for help on one issue. He tried to connect to another machine us Powershell remoting and run 'dir \\shareserver\sharename' on that machine but powershell reported the error message that the path doesn't exist. It is really confusing since he can access the share from windows explorer on that machine. I thought and then realized that it is that notorious double hop issue.

Fortunately Windows provides CredSSP(Credential Security Service Provider) which can be used to solve the double hop issue. CredSSP was designed to meet Remote Desktop requirements but it can be used to tackle double hop issue. Powershell remoting infrastructure takes advantage of this.

There is a good blog about how to use CredSSP in powershell remoting so I don't need to reinvent wheels. Please see the below link for more details

https://blogs.msdn.com/b/powershell/archive/2008/06/05/credssp-for-second-hop-remoting-part-i-domain-account.aspx