Re: [PSH] get-credential automation
- From: "Marcel J. Ortiz [MSFT]" <mosoto@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 19 May 2006 16:22:20 -0700
BTW, even if the scripts are just for you, you should consider using the
convert(to/from)-securestring cmdlets to save your password in a secure
fashion. Example:
PS>$password = read-host -as
**********
PS>ConvertFrom-SecureString $password | out-file password.txt
PS>type password.txt
01000000d08c9ddf0115d1118c7a00c04fc297eb0100000092ada41141c9bf499276a7e159e42fbc0000000002000000000003660000a8000000100
00000869cff29b48417b2555baacc8fd6a1030000000004800000a000000010000000ead25fb7b7b27340849b2ffc36604ba11800000049cf194538
a7a510ae24178477e9d9ae31e82260dc5465e7140000002d3931e24db729f147d4e26cc6aa5c77e54f8eee
This is encoded using my credentials so only my user can get the contents.
Lets try decoding it from another user account:
PS C:\Documents and Settings> type password.txt
01000000d08c9ddf0115d1118c7a00c04fc297eb0100000092ada41141c9bf499276a7e159e42fb
c0000000002000000000003660000a800000010000000869cff29b48417b2555baacc8fd6a10300
00000004800000a000000010000000ead25fb7b7b27340849b2ffc36604ba11800000049cf19453
8a7a510ae24178477e9d9ae31e82260dc5465e7140000002d3931e24db729f147d4e26cc6aa5c77
e54f8eee
PS C:\Documents and Settings> type password.txt | ConvertTo-SecureString
ConvertTo-SecureString : Key not valid for use in specified state.
At line:1 char:43
+ type password.txt | ConvertTo-SecureString <<<<
Now, lets try reading it back in from the account that created it:
PS>type password.txt
01000000d08c9ddf0115d1118c7a00c04fc297eb0100000092ada41141c9bf499276a7e159e42fbc0000000002000000000003660000a8000000100
00000869cff29b48417b2555baacc8fd6a1030000000004800000a000000010000000ead25fb7b7b27340849b2ffc36604ba11800000049cf194538
a7a510ae24178477e9d9ae31e82260dc5465e7140000002d3931e24db729f147d4e26cc6aa5c77e54f8eee
PS>type password.txt | ConvertTo-SecureString
System.Security.SecureString
--
Marcel Ortiz [MSFT]
Windows PowerShell
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
"Wei Wu [MSFT]" <wwu@xxxxxxxxxxxxx> wrote in message
news:OqbmnupeGHA.3468@xxxxxxxxxxxxxxxxxxxxxxx
1. construct a securestring object using either read-host or new-object
PS C:\monad> $securestr1 = read-host -as
******
PS C:\monad> $securestr2 = new-object security.securestring
PS C:\monad> $securestr2.appendchar('s')
...
2. construct a PSCredential object using new-object
PS C:\monad> $cred = new-object management.automation.pscredential
username,$securestr1
3. now you can use this PSCredential object in get-credential or
get-wmiobject etc.
PS C:\monad> get-credential $cred
UserName Passw
--------
-----
username System.Security.SecureStr
--
Wei Wu [MSFT]
MSH Team
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no
rights.
"ebgreen" <ebgreen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:66772AFA-6388-4818-AF2B-CEBFA7D22557@xxxxxxxxxxxxxxxx
I often have the need to run automated scripts that will use a local admin
name and password on a remote machine to get WMI info. I can not find a
way
to avoid the password prompt that comes from using get-credential or
using
-credentials in get-wmiobject. I realize that there are security issues
here,
but these are scripts that I run myself and are not distributed so plain
text
passwords is not a huge concern for me. Any idea how I can automate this
and
avoid the popup?
.
- References:
- Re: [PSH] get-credential automation
- From: Wei Wu [MSFT]
- Re: [PSH] get-credential automation
- Prev by Date: Re: Add username and password to connect
- Next by Date: Re: Error 800A01CE - HELP!!!!
- Previous by thread: Re: [PSH] get-credential automation
- Next by thread: Re: [PS] Bug? Move-Item on folder to non-existing folder is equivalent to rename
- Index(es):
Relevant Pages
|
