This topic contains 1 reply, has 2 voices, and was last updated by
November 17, 2016 at 7:35 am #57977ParticipantPoints: 0Rank: Member
In the company where I am currently, we want to put a script (powershell) in place so that it can list the different files opened by the users. This is to find out who to open what because a lot of files are shared and sometimes left open by a user to the detriment of other users.
Here is the script we are currently using:
openfiles /query /s monServeur /u monCompte /p monMotDePasse /fo CSV > C:\temp\fichiers_ouverts.csv
The problem with this script is that the password is clear in the file and even if only the IT department can access it it hardly see the passwords in clear. So for this small evolution of the script:
$user = Read-host "Veuillez entrer l'utilisateur de la session" $password = Read-Host "Saisissez le mot de passe" openfiles /query /s monServeur /u $user /p $password /fo CSV >> C:\temp\fichiers_ouverts.csv
So here the password is requested from the user and therefore appears in clear when typed. For this we want that when typing the password the characters are replaced by dots or stars. So we added the "-AsSecureString" option.
The problem with this option is that the script no longer retrieves the correct password.
We saw that the password was of SecureString type and from there we can not use this password, even using the ConvertTo or ConvertFrom option.
Would someone have an information about the syntax to follow so that the encrypted password can be accepted during the request made in the script?
November 17, 2016 at 8:10 am #57980ParticipantPoints: 0Rank: Member
I think easiest way to do what you want – remove user/password from file, make scheduled task with correct "runas" user/password and run it by request or by time 😉
Change you "script" lines to $Credential = (Get-Credential).GetNetworkCredential()
and use it as $Credential.UserName $Credential.Password
The topic ‘encrypt password’ is closed to new replies.