You obviously don’t want to hardcode domain credentials into a script – and PowerShell actually makes it a bit difficult to do so, for good reason. On the other hand, you sometimesÂ needÂ a script to do something using alternate credentials, and you don’t necessarily want the runner of the script to know those credentials.
So how do you deal with it?
Let’s be clear: This isÂ not a wish list. Comments like, “I wish PowerShell could do ____” aren’t valid. WhatÂ do you do using the technology as it exists today? Do you prompt for a credential and assume the script user will have it? Do you try to hardcode it? Do you set up a constrained endpoint? What?