Solved

how can i pass through credentials in this powershell script

Posted on 2014-10-28
12
1,057 Views
Last Modified: 2014-11-01
can someone provide a way to pass through credentials in the following script? the target DNS server is in a workgroup:

$val1 = Read-host "Please Enter the hostname"
$val2 = Read-Host "Please enter the ip address"

$cmdval = "dnscmd 10.2.3.4 /recordadd mydomain.com $val1.mydomain.com. A $val2"
Invoke-Expression $cmdval  

Open in new window


thx in advance,

S.
0
Comment
Question by:siber1
12 Comments
 
LVL 29

Assisted Solution

by:becraig
becraig earned 167 total points
ID: 40409864
Try wrapping the last piece as an invoke-command instead of a invoke-expression.

You will also have to pass in the credentials.

$uid = whoami
$passwd = Read-Host -AsSecureString "Enter Your Password:"
$cred = New-Object System.Management.Automation.PSCredential ($uid, $passwd)
$val1 = Read-host "Please Enter the hostname"
$val2 = Read-Host "Please enter the ip address"

$cmdval = "dnscmd 10.2.3.4 /recordadd mydomain.com $val1.mydomain.com. A $val2"
Invoke-Command -Credential $cred-ScriptBlock { iex $cmdval }

Open in new window


EDIT:
You can  edit $uid to be a value the user puts in as well, for now we just read the logged in user's id.

$uid = Read-host "Please Enter username Domain\user"
0
 

Author Comment

by:siber1
ID: 40409900
hi becraig, when I run the script and enter the userID / password / host record and IP address, it then prompts again with a pop-up "windows powershell credential request" box with the username filled in of:
System.Management.Automation.PSCredential-ScriptBlock

pls advise... thx
0
 
LVL 29

Expert Comment

by:becraig
ID: 40409931
Seems there are some issues with the command syntax.

Try this:
$uid = Read-Host "Please Enter your username e.g. Domain\username"
$passwd = Read-Host -AsSecureString "Enter Your Password"
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $uid, $passwd
$computer = hostname
Invoke-Command -Credential $cred -ComputerName $computer -ScriptBlock {
	$val1 = Read-host "Please Enter the hostname"
	$val2 = Read-Host "Please enter the ip address"
	$cmdval = "dnscmd 10.2.3.4 /recordadd mydomain.com $val1.mydomain.com. A $val2"
	iex $cmdval
}

Open in new window

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:siber1
ID: 40409940
q: what should I enter for this line:  $computer = hostname
would I enter the target DNS server name for "hostname" ?
0
 
LVL 29

Expert Comment

by:becraig
ID: 40409947
$computer = hostname

The variable is populated by the command "hostname"
So it just runs the command and populates the variable $computer with whatever value the hostname command returns.

This is just so invoke command knows the local computer we are running the script from.
0
 

Author Comment

by:siber1
ID: 40409948
looks like it doesn't like the remote authentication, here is the error:
[dnsserver01] Connecting to remote server failed with the following error message : WinRM cannot process the request.
 The following error occured while using Kerberos authentication: There are currently no logon servers available to ser
vice the logon request.
 Possible causes are:
  -The user name or password specified are invalid.
  -Kerberos is used when no authentication method and no user name are specified.
  -Kerberos accepts domain user names, but not local user names.
  -The Service Principal Name (SPN) for the remote computer name and port does not exist.
  -The client and remote computers are in different domains and there is no trust between the two domains.
 After checking for the above issues, try the following:
  -Check the Event Viewer for events related to authentication.
  -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or us
e HTTPS transport.
 Note that computers in the TrustedHosts list might not be authenticated.
   -For more information about WinRM configuration, run the following command: winrm help config. For more information,
 see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (:) [], PSRemotingTransportException
    + FullyQualifiedErrorId : PSSessionStateBroken

Open in new window

0
 
LVL 29

Expert Comment

by:becraig
ID: 40409957
Just so I have a clearly picture, what specifically is the reason for passing the credentials?

Are we trying to ensure the currently logged in user authenticates to the dns server ?
0
 

Author Comment

by:siber1
ID: 40409963
sure, we would like to add host A records to a remote DNS server, the target server is in a workgroup, in order for us to add the records with your script we need to authenticate to the workgroup DNS server, or we get access denied when trying to run the script.

running it locally on the DNS workgroup server works fine.

thx
0
 
LVL 29

Expert Comment

by:becraig
ID: 40409967
ok so you will have credentials you will provide that users will give that allows them to authenticate to the DNS servers ?


If so we can take a gamble on psexec

$uid = Read-Host "Please Enter your username e.g. Domain\username"
$passwd = Read-Host -AsSecureString "Enter Your Password"
$svcpwdr = [System.Runtime.InteropServices.Marshal]::SecureStringToCoTaskMemUnicode($passwd)
$svcpwd = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($svcpwdr)

$val1 = Read-host "Please Enter the hostname"
$val2 = Read-Host "Please enter the ip address"
$cmdval = "dnscmd 10.2.3.4 /recordadd mydomain.com $val1.mydomain.com. A $val2"
iex psexec /accepteula -u $uid -p $svcpwd \\$val1 cmd /c $cmdval

Open in new window

0
 
LVL 10

Accepted Solution

by:
JoeKlimis earned 167 total points
ID: 40410263
Hi

I don't like using psexec , I create remote scheduled tasks instead ,  as many environments I work in don't allow uploads of EXE's to there servers.

A really good post that explains howto do this can be found HERE

Its slightly more complicated to set-up , but works like a dream. if you need help going in this direction let me know
Regards
Joe
0
 
LVL 11

Assisted Solution

by:stefor
stefor earned 166 total points
ID: 40410541
$Computername = "RemoteComputerName"
# Use one of them
$Credential = New-Object System.Management.Automation.PSCredential ($Username, $Password)
# $Credential = Get-Credential

$val1 = Read-host "Please Enter the hostname"
$val2 = Read-Host "Please enter the ip address"

Invoke-Command -Computername $Computername -Argumentlist $val1,$val2 -Credential $Credential -ScriptBlock {
	Param($val1,$val2)
	$cmdval = "dnscmd 10.2.3.4 /recordadd mydomain.com $val1.mydomain.com. A $val2"
	Invoke-Expression $cmdval
}

Open in new window

0
 

Author Closing Comment

by:siber1
ID: 40417519
thx much. both solutions get us what we need.

-S.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question