How to convert a password in a securestring to use it in an other script.

Tagged: 

This topic contains 6 replies, has 3 voices, and was last updated by Profile photo of Luca Wirths Luca Wirths 1 year, 9 months ago.

  • Author
    Posts
  • #30563
    Profile photo of Luca Wirths
    Luca Wirths
    Participant

    Hi,
    I am trying to make a script which runs automatic. It have to open an remote session. But there I have troble with the credentials.
    I saved them to pw.txt. But if I want to use them it wont work.
    How can I fix that?

    Thanks for help.

    #save the password
    read-host -assecurestring | convertfrom-securestring | out-file C:\temp\pw.txt
    
    #use the password
    $pass = cat C:\temp\pw.txt | ConvertTo-SecureString
    $mycred = new-object -TypeName System.Management.Automation.PSCredential -ArgumentList "Domain\Userl", $pass
    
    New-PSSession -ComputerName dc -Credential $mycred
    
    
  • #30565
    Profile photo of Tim E Lane
    Tim E Lane
    Participant

    This works ok for me. What error are you getting?

  • #30567
    Profile photo of Mark Hammonds
    Mark Hammonds
    Participant

    I work across four domains so here is what I use. it will get the FQDN and pull the server name off leaving you with just the domain then build the file for credentials for each domain encountered.. I know its a bit long winded but im a newbie.

          # Begin load Credentials
    $serverdomain = ("$($Server.Split(".")[-2])." + "$($Server.Split(".")[-1])")
        if(!(test-path "C:\temp\encrypted.csv")){
            if(!(test-path "c:\temp")) {MD "C:\temp"}
                 $secure = Get-Credential -Message  "Please provide a password for $serverdomain\" -UserName "$serverdomain\"
                $username = $secure.UserName
                $password = convertfrom-securestring -secureString $secure.Password -key (1..16)
                $hashedcredentials.add($username, $password)
                $outputtable = $hashedcredentials.GetEnumerator() | foreach{ New-Object PSObject -Property([ordered]@{Username = $_.Name;Password = $_.Value})}
                $outputtable | Export-Csv c:\temp\encrypted.csv -NoTypeInformation
        }
    
    
    $credentials = Import-Csv "C:\temp\encrypted.csv"  
        $adminname = $credentials | ?{$_.username -like "*$serverdomain*"} | %{$_.username}
        $password = $credentials | ?{$_.username -like "*$serverdomain*"} | %{$_.password} | convertto-securestring -key (1..16)  
    
     $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $adminname,$password
    
  • #30568
    Profile photo of Luca Wirths
    Luca Wirths
    Participant

    Thanks a lot.
    Looks great! I try it tomorrow.

  • #30588
    Profile photo of Luca Wirths
    Luca Wirths
    Participant

    Im also an very newbie..
    The script doesnt work.
    Ive only set the $Server variable. But it looks like i have to set also the $hashedcredentials variable. How does it look?

  • #30599
    Profile photo of Mark Hammonds
    Mark Hammonds
    Participant

    your right I forgot to include this at the top of the script.
    $hashedcredentials = @{}

    This is what you want..

     
    
    $hashedcredentials = @{}
    
    Foreach($Server in $Servers){
    $serverdomain = ("$($Server.Split(".")[-2])." + "$($Server.Split(".")[-1])") 
    
        ######################################Domain Credentials#################################################
    if(test-path "C:\temp\encrypted.csv"){
    $credentials = Import-Csv "C:\temp\encrypted.csv"
    $adminname = $credentials | ?{$_.username -like "*$serverdomain*"} | %{$_.username}
    $password = $credentials | ?{$_.username -like "*$serverdomain*"} | %{$_.password} | convertto-securestring -key (1..16)
    } 
        if($adminname -eq $null){
                $secure = Get-Credential -Message  "Please provide a password for $serverdomain\" -UserName "$serverdomain\"
                $username = $secure.UserName
                $password = convertfrom-securestring -secureString $secure.Password -key (1..16)
                $hashedcredentials.add($username, $password)
                $outputtable = $hashedcredentials.GetEnumerator() | foreach{ New-Object PSObject -Property([ordered]@{Username = $_.Name;Password = $_.Value})}
                $outputtable | Export-Csv c:\temp\encrypted.csv -Append -NoTypeInformation 
                $credentials = Import-Csv "C:\temp\encrypted.csv" 
                $adminname = $credentials | ?{$_.username -like "*$serverdomain*"} | %{$_.username}
                $password = $credentials | ?{$_.username -like "*$serverdomain*"} | %{$_.password} | convertto-securestring -key (1..16) 
        }
        else{    
            $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $adminname,$password
        }       
        #########################################################################################################
    }
    
  • #30605
    Profile photo of Luca Wirths
    Luca Wirths
    Participant

    You've made my day! Thanks alot!

You must be logged in to reply to this topic.