Powershell get Credential list from a remote computer

I need to get a list of Credentials from a remote computer for each User - so I can duplicate the entries if the computer is repaced.
I don't need the entire credentials, just what they are as if one had run Manage Windows Credentials on the remote computer - or a reasonable facsimile thereof that provides the:
- Current User logged on
- Internet or network address
- User name for the target computer (I have this if necessary but it would be good to be on the list).
- Password -- I HAVE THIS.

Is there a command that will do this?  I've not found it.
LVL 27
Fred MarshallPrincipalAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Zaheer IqbalTechnical Assurance & ImplementationCommented:
0
PberSolutions ArchitectCommented:
As Zaheer mentioned, CMDKEY is probably your best bet.  Just invoke it from within PowerShell.  I did also find a script that will likely do what you want within PowerShell, however because you can't access the Credential Manager directly from PowerShell, the script invokes C# from within the code.  See here:
https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Credentials-d44c3cde
1
yo_beeDirector of Information TechnologyCommented:
Do you have a plan saving this info?

I wrote this VBS a while back to collect this info plus much more. This script runs at logon for all users and writes to a SQL DB.

	on error resume next
	Const adOpenStatic = 3
	Const adLockOptimistic = 3
	Const adUseClient = 3
	' Set the WMI Time,ADODB Connection and Recordset Objects
	Set objSWbemDateTime = CreateObject("WbemScripting.SWbemDateTime")
	Set objConnection = CreateObject("ADODB.Connection")
	Set objRecordset = CreateObject("ADODB.Recordset")

	Dim StrComputerName, StrUser, strManufacturer, StrModel, StrSN, StrIP,StrMAC, IP

'************************************************************************************
'Data Collection								    *
'************************************************************************************
	'sets the WMI Object for all upcoming collections
	'This Object can reused for any Collection connection required
'************************************************************************************
	set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\." _
								&"\root\cimv2")
'************************************************************************************
	'Collects the basic Computer System information 
	'by connecting to the Win32_ComputerSystem Class
	'UserName,ComputerName of the User, Make and Model of the computer
'************************************************************************************
	 Set colSystems = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem")
		For Each objSystem In colSystems
			strComputerName = objSystem.name
			strModel = objsystem.Model
			strManufacturer = objsystem.Manufacturer
			If Not (ISNULL(objsystem.UserName)) then 
				strUser = Split(objsystem.UserName,"\")
				strUser(1) = UCase(Left(strUser(1),1))_
				& Trim(Mid(strUser(1),2,20))
			else
				Struser = split("\RDP-Session","\")
				strUser(1) = UCase(Left(strUser(1),1))_
				& Trim(Mid(strUser(1),2,20))
			End If
		next
'************************************************************************************
	'Collects the Computer's Serial Number by connecting to the Win32_Bios Class
'************************************************************************************
	Set colSMBIOS = objWMIService.ExecQuery _
		("Select * from Win32_bios")
	For Each objSMBIOS in colSMBIOS
		strSN = objSMBIOS.SerialNumber
    Next
'************************************************************************************
	'Collects the Computers IP and MAC address by connecting to the 
	'Win32_NetworkAdapterConfiguration.  
	'If the IP-Address does not have 192. in the beginning then 
	'nothing is recorded for the item 
	'If the item has 192. in the beginning then the item is recorded
	'as well as the MAC
'************************************************************************************
	Set ColIP =objWMIService.ExecQuery("Select * from Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'True'")
			
		For Each IPConfig in Colip
				If Not IsNull(IPConfig.IPAddress)  Then 
					For i = lbound(IPConfig.IPAddress) to ubound(IPConfig.IPAddress) 
							IP = IPConfig.IPAddress(i)
						
					If instr(ip,"192.")  then
						If i = 0 then
							 
							Strip = ip
							StrMAC = IPConfig.MacAddress 
							
						else
							Strip = Strip & ", " & ip 
								If StrMAC <> IPConfig.MacAddress then
									StrMac = StrMac & ", " & IPConfig.MacAddress
								end if		
						End if
					end if
					next
				End If
		Next

			
	'
'************************************************************************************
	'This will collect the logon session time
	'It is not needed for this script, but it was left here for
	'future possibilities. 
	'It was originally put in the script to create a unique ID for the 
	'for the record being created by creating a string yyyymmddhhMMSS
'************************************************************************************
	Set ColLogon = objwmiservice.execquery("Select * from Win32_LogonSession Where LogonType = 2")

		For Each objLogon in ColLogon
			strDate = WMIDateStringToDate(objlogon.StartTime)
			strTime = WMIDateStringTotime(objlogon.StartTime)
			objSWbemDateTime.value = Objlogon.starttime
			vtdLogonTime = objSWbemDateTime.GetVarDate(true)
			StrDateDiff = DATEDIFF("s", vtdLogonTime ,now)
			
		Next

	StrID= year(vtdLogonTime) & month(vtdLogonTime) & day(vtdLogonTime) & Hour(vtdLogonTime) & Minute(vtdLogonTime) & Second(vtdLogonTime)


'************************************************************************************
'*			            Connection to the Datadase									*
'************************************************************************************
'************************************************************************************
	'Creates the ADODB Connection string 
'************************************************************************************
	strConnect = "Provider = SQLOLEDB.1;Data Source=xxxSQL04;Initial Catalog=Inventory;User ID='sa';Password='**********'"
'************************************************************************************
	'Connects to the Database using the ADODB.connection object created earlier
'************************************************************************************	
	objConnection.Open strConnect
'************************************************************************************
	'This is the part the records the new records to the database
	'There is an IF Than Statement that is currently still in the 
	'script to challenge the computer name and if it does not match
	'flhcitrix the script continues to record else the script is 
	'ended.
	'At the end of the script the recordset and connection is
	'closed
'************************************************************************************
		If lcase(strComputerName) <> "xxxxxxxxxx" then

	objRecordset.CursorLocation = adUseClient
	objRecordset.Open "SELECT * FROM Table1_1" , objConnection, _
		adOpenStatic, adLockOptimistic
		
		objRecordset.AddNew
		objRecordset("ID") = strID
		objRecordset("ComputerName")= StrComputerName
		objRecordset("UserName")= StrUser(1)
		objRecordset("ComputerManufacturer")= strManufacturer
		objRecordset("ComputerModel")= strModel
		objRecordset("ComputerSN")= strSN
		objrecordset("Recorddate") = now
		objrecordset("IPAddress") = StrIP
		Objrecordset("macaddress") = StrMac
		
		objRecordset.Update
		
		else
		wscript.quit
		end if

	objRecordset.Close
	objConnection.Close
'************************************************************************************

'************************************************************************************
'*								Function											*
'************************************************************************************
	'This function is to convert WMI DateTime to a standard readable US Date format
	' mm/dd/yyyy
	Function WMIDateStringToDate(dtmInstallDate)

	 WMIDateStringToDate = CDate(Mid(dtmInstallDate, 5, 2) & "/" & _
	 Mid(dtmInstallDate, 7, 2) & "/" & Left(dtmInstallDate, 4))
	End Function
'************************************************************************************
	'This function is to convert WMI DateTime to a standard readable US Time Format
	' hh:MM:ss
'************************************************************************************
	Function WMIDateStringTotime(dtmInstallDate)

	 WMIDateStringTotime = CDate(Mid(dtmInstallDate, 9, 2) & ":" & _
	 Mid(dtmInstallDate, 11, 2) & ":" & Mid(dtmInstallDate,13, 2))

	End Function
'************************************************************************************

Open in new window

1
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

Fred MarshallPrincipalAuthor Commented:
I get the sense that going down this path is to engage more stuff than I need.  
I don't need to change credentials on a remote machine.
I don't need to create credentials on a remote machine.
I only need to read/list existing credentials WITHOUT knowing what they are a priori as in User.
The ideal output would be something like:

On Computer 1 there are credentials for:
Target B: / User C:
Target C: / User D:
On computer 2 there are credentials for:
Target E: / User F:
etc.
and that's all....
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
I doubt you'll get a better answer. W8 and later allows direct access to the credential store from PowerShell using the Windows.Security.Credentials.PasswordVault class, but prior to that you have to rely on API calls imported by DLLs or "external" tools like cmdkey. Neither works remote, and for any user different from the currently logged in.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Fred MarshallPrincipalAuthor Commented:
Thanks all!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.