Use Secure password in your powershell code without a prompt

Use Secure password in your powershell code without a prompt


- Yesterday i was running a script where i had to type my credentials(Username and password) to get the mandatory results from it, now Normally if you want to use your credentials with one time prompt that will take your information and apply it where ever it is required, you can use somthing like this :






you can notice in that when you type : Get-Credential -UserName "Domain\UserName" -Message "Some Message" that you will get a prompt asking you for your password, once you put the password this credential can be use any where in the code when it's required, of course you can assign the CMDLET to a variable and you can use this variable anywhere you want, for example:

$cer = Get-Credential -UserName "Domain\UserName" -Message "Some Message"

now this is great if i am running a code every time by myself, but what if i want to schedule some code, and this code needs my Admin domain credentials, of course i cant be available every time the job needs to run, also i cant take the risk and put my password inside the code in a clear text or even put the password in another file and call it from there..



To fix this issues, PowerShell has it's own PScredentials which can be used in different ways to use my credentials securely without interacting with the script and put my password.


You can easily use this as following, first You have to save your password in a file securely like this :




This syntax will simply allow you to store your password in a file securely, if you open the file where you stored the password it will look something like this:
you can see that your password is secure a little, still that's not all, there are more coming, now once this is done, now you wanna see this is work, this is a small example :

 
$username = "domain01\admin01"
$password = cat C:\securestring.txt | convertto-securestring
$cred = new-object -typename System.Management.Automation.PSCredential `
         -argumentlist $username, $password

$serverNameOrIp = "192.168.1.1"
Restart-Computer -ComputerName $serverNameOrIp `
                 -Authentication default `
                 -Credential $cred
the above example was provided by this link :

in the above code, we called the file where the password was stored and transferred it into a secure string, when you do that you only need to do it once, after that your code will always call the password in your file in a secure string. than we used the "restart-computer" CMDLET to restart a remote PC.
also have a look at the "$cred" variable just as reference. 


sadly I gotta go now, I still have some work to do, Happy scripting everyone. Hasta luego todos...

Comments

  1. Jeffery HicksApril 4, 2015 at 8:54 AM

    As long as you are aware that committing any credential or password to disk, even like this is not a security best practice. But this may be acceptable for some companies.

    ReplyDelete
  2. UnknownApril 9, 2015 at 10:48 AM

    AWESOME will work well for me here.

    ReplyDelete

Post a Comment

Popular posts from this blog

Parsing PDF to text using PowerShell There are times when you come and you find some Important PDF file (Something like a low level design or something similar), The point is I really hate PDF files... I was googling a way which i can use to read PDF files using PowerShell, this can be helpful of you have a lots of PDF files and you want to filter these PDF's based on certain word or a string (Using a regex or something similar to do that). I know i was talking too much so let cut to the chase : I found this amazing .NET library which you can use to parse a PDF file(Convert it into a text). The library is called "ITextSharp", here you can fidn some information about it : http://sourceforge.net/projects/itextsharp/?source=typ_redirect I assume that you already know what the hell I am talking about so, This is the code which i got from from Stack Overflow : http://stackoverflow.com/questions/15684699/how-to-parse-pdf-content-to-database-with-pow
Read more

IP Calculator in PowerShell...with IP exclusion

Hola todos... que pasa? It has been a while since i post i was really busy with so many stuff, bottom line, i had this strange requirement at work where i had to create a script to calculate the IP address from a subnet, now normally this means we have to create a bunch of scopes or subnets in the DHCP server, which was my case, i had to create more than 4 thousand scopes on Linux DHCP server. now I was thinking how in the hell I am going to insert all these scopes in the configuration file, of course the first things I came up with was to provide the mandatory information (First IP, last IP, broadcast IP and number of hosts) which was not a big problem, I found this link : https://gallery.technet.microsoft.com/scriptcenter/ipcalc-PowerShell-Script-01b7bd23 This guy did a very good job and save my ass, but this was not the issue, in my situation, I had to exclude the first 48 IP addresses from each scope. Now in Linux DHCP configuration file, each scope was represent
Read more
Using  Selenium WebDriver with PowerShell Hola todos... que pasa? This time I am going to show an example on how to use Selenium WebDriver with PowerShell to open the browser and do stuff like checking a checkbox or maybe writing some text in a text box. This one took me sometime to deal with it, it was not a straightforward thing, I spent so much time in front of my laptop, I lost the feeling on my ass for some time after finishing the code, anyway, To find more information about Selenium and how it works, you can dig this link :   http://www.seleniumhq.org/ this WebDriver was built for C#, and of course it can be used and called withing PowerShell or Vb.net easily... Anyway, let’s talk about the code : #Code Start Here : # moving to the folder where Selenium DLL files are… # You can also use Add-Type Cmdlet with -path option, it will do the same. cd "d:\NonOfficialPSModules\selenium-dotnet-2.46.0\net40" [System.Reflection.Assemb
Read more