• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 122
  • Last Modified:

Powershell get Credential list from a remote computer

I need to get a list of Credentials from a remote computer for each User - so I can duplicate the entries if the computer is repaced.
I don't need the entire credentials, just what they are as if one had run Manage Windows Credentials on the remote computer - or a reasonable facsimile thereof that provides the:
- Current User logged on
- Internet or network address
- User name for the target computer (I have this if necessary but it would be good to be on the list).
- Password -- I HAVE THIS.

Is there a command that will do this?  I've not found it.
0
Fred Marshall
Asked:
Fred Marshall
4 Solutions
 
Zaheer IqbalTechnical Assurance & ImplementationCommented:
0
 
PberSolutions ArchitectCommented:
As Zaheer mentioned, CMDKEY is probably your best bet.  Just invoke it from within PowerShell.  I did also find a script that will likely do what you want within PowerShell, however because you can't access the Credential Manager directly from PowerShell, the script invokes C# from within the code.  See here:
https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Credentials-d44c3cde
1
 
yo_beeDirector of Information TechnologyCommented:
Do you have a plan saving this info?

I wrote this VBS a while back to collect this info plus much more. This script runs at logon for all users and writes to a SQL DB.

	on error resume next
	Const adOpenStatic = 3
	Const adLockOptimistic = 3
	Const adUseClient = 3
	' Set the WMI Time,ADODB Connection and Recordset Objects
	Set objSWbemDateTime = CreateObject("WbemScripting.SWbemDateTime")
	Set objConnection = CreateObject("ADODB.Connection")
	Set objRecordset = CreateObject("ADODB.Recordset")

	Dim StrComputerName, StrUser, strManufacturer, StrModel, StrSN, StrIP,StrMAC, IP

'************************************************************************************
'Data Collection								    *
'************************************************************************************
	'sets the WMI Object for all upcoming collections
	'This Object can reused for any Collection connection required
'************************************************************************************
	set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\." _
								&"\root\cimv2")
'************************************************************************************
	'Collects the basic Computer System information 
	'by connecting to the Win32_ComputerSystem Class
	'UserName,ComputerName of the User, Make and Model of the computer
'************************************************************************************
	 Set colSystems = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem")
		For Each objSystem In colSystems
			strComputerName = objSystem.name
			strModel = objsystem.Model
			strManufacturer = objsystem.Manufacturer
			If Not (ISNULL(objsystem.UserName)) then 
				strUser = Split(objsystem.UserName,"\")
				strUser(1) = UCase(Left(strUser(1),1))_
				& Trim(Mid(strUser(1),2,20))
			else
				Struser = split("\RDP-Session","\")
				strUser(1) = UCase(Left(strUser(1),1))_
				& Trim(Mid(strUser(1),2,20))
			End If
		next
'************************************************************************************
	'Collects the Computer's Serial Number by connecting to the Win32_Bios Class
'************************************************************************************
	Set colSMBIOS = objWMIService.ExecQuery _
		("Select * from Win32_bios")
	For Each objSMBIOS in colSMBIOS
		strSN = objSMBIOS.SerialNumber
    Next
'************************************************************************************
	'Collects the Computers IP and MAC address by connecting to the 
	'Win32_NetworkAdapterConfiguration.  
	'If the IP-Address does not have 192. in the beginning then 
	'nothing is recorded for the item 
	'If the item has 192. in the beginning then the item is recorded
	'as well as the MAC
'************************************************************************************
	Set ColIP =objWMIService.ExecQuery("Select * from Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'True'")
			
		For Each IPConfig in Colip
				If Not IsNull(IPConfig.IPAddress)  Then 
					For i = lbound(IPConfig.IPAddress) to ubound(IPConfig.IPAddress) 
							IP = IPConfig.IPAddress(i)
						
					If instr(ip,"192.")  then
						If i = 0 then
							 
							Strip = ip
							StrMAC = IPConfig.MacAddress 
							
						else
							Strip = Strip & ", " & ip 
								If StrMAC <> IPConfig.MacAddress then
									StrMac = StrMac & ", " & IPConfig.MacAddress
								end if		
						End if
					end if
					next
				End If
		Next

			
	'
'************************************************************************************
	'This will collect the logon session time
	'It is not needed for this script, but it was left here for
	'future possibilities. 
	'It was originally put in the script to create a unique ID for the 
	'for the record being created by creating a string yyyymmddhhMMSS
'************************************************************************************
	Set ColLogon = objwmiservice.execquery("Select * from Win32_LogonSession Where LogonType = 2")

		For Each objLogon in ColLogon
			strDate = WMIDateStringToDate(objlogon.StartTime)
			strTime = WMIDateStringTotime(objlogon.StartTime)
			objSWbemDateTime.value = Objlogon.starttime
			vtdLogonTime = objSWbemDateTime.GetVarDate(true)
			StrDateDiff = DATEDIFF("s", vtdLogonTime ,now)
			
		Next

	StrID= year(vtdLogonTime) & month(vtdLogonTime) & day(vtdLogonTime) & Hour(vtdLogonTime) & Minute(vtdLogonTime) & Second(vtdLogonTime)


'************************************************************************************
'*			            Connection to the Datadase									*
'************************************************************************************
'************************************************************************************
	'Creates the ADODB Connection string 
'************************************************************************************
	strConnect = "Provider = SQLOLEDB.1;Data Source=xxxSQL04;Initial Catalog=Inventory;User ID='sa';Password='**********'"
'************************************************************************************
	'Connects to the Database using the ADODB.connection object created earlier
'************************************************************************************	
	objConnection.Open strConnect
'************************************************************************************
	'This is the part the records the new records to the database
	'There is an IF Than Statement that is currently still in the 
	'script to challenge the computer name and if it does not match
	'flhcitrix the script continues to record else the script is 
	'ended.
	'At the end of the script the recordset and connection is
	'closed
'************************************************************************************
		If lcase(strComputerName) <> "xxxxxxxxxx" then

	objRecordset.CursorLocation = adUseClient
	objRecordset.Open "SELECT * FROM Table1_1" , objConnection, _
		adOpenStatic, adLockOptimistic
		
		objRecordset.AddNew
		objRecordset("ID") = strID
		objRecordset("ComputerName")= StrComputerName
		objRecordset("UserName")= StrUser(1)
		objRecordset("ComputerManufacturer")= strManufacturer
		objRecordset("ComputerModel")= strModel
		objRecordset("ComputerSN")= strSN
		objrecordset("Recorddate") = now
		objrecordset("IPAddress") = StrIP
		Objrecordset("macaddress") = StrMac
		
		objRecordset.Update
		
		else
		wscript.quit
		end if

	objRecordset.Close
	objConnection.Close
'************************************************************************************

'************************************************************************************
'*								Function											*
'************************************************************************************
	'This function is to convert WMI DateTime to a standard readable US Date format
	' mm/dd/yyyy
	Function WMIDateStringToDate(dtmInstallDate)

	 WMIDateStringToDate = CDate(Mid(dtmInstallDate, 5, 2) & "/" & _
	 Mid(dtmInstallDate, 7, 2) & "/" & Left(dtmInstallDate, 4))
	End Function
'************************************************************************************
	'This function is to convert WMI DateTime to a standard readable US Time Format
	' hh:MM:ss
'************************************************************************************
	Function WMIDateStringTotime(dtmInstallDate)

	 WMIDateStringTotime = CDate(Mid(dtmInstallDate, 9, 2) & ":" & _
	 Mid(dtmInstallDate, 11, 2) & ":" & Mid(dtmInstallDate,13, 2))

	End Function
'************************************************************************************

Open in new window

1
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
Fred MarshallPrincipalAuthor Commented:
I get the sense that going down this path is to engage more stuff than I need.  
I don't need to change credentials on a remote machine.
I don't need to create credentials on a remote machine.
I only need to read/list existing credentials WITHOUT knowing what they are a priori as in User.
The ideal output would be something like:

On Computer 1 there are credentials for:
Target B: / User C:
Target C: / User D:
On computer 2 there are credentials for:
Target E: / User F:
etc.
and that's all....
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
I doubt you'll get a better answer. W8 and later allows direct access to the credential store from PowerShell using the Windows.Security.Credentials.PasswordVault class, but prior to that you have to rely on API calls imported by DLLs or "external" tools like cmdkey. Neither works remote, and for any user different from the currently logged in.
1
 
Fred MarshallPrincipalAuthor Commented:
Thanks all!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now