Powershell: credentials

Hello,

I need some help in passing domain credentials instead of prompting for credentials. Is it possible to save the credentials in a file securely and then somehow use this as credentials for the script.

I currently have the script prompt for domain credentials. .

$creds = get-credential

Looking forward to your assistance.

Thanks.
Parity123Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Éric MoreauSenior .Net ConsultantCommented:
have a look at http://emoreau.com/Entries/Articles/2016/11/PowerShell-Get-O365-mailboxes-statistics.aspx and be sure to look at the comments at the bottom of the article
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Britt ThompsonSr. Systems EngineerCommented:
Instead of saving it to a file (which is entirely possible and I have some logic for this) I would use the Windows Credential Vault.

https://gist.github.com/guitarrapc/c37af6978570a4da097b

This at least provides some level of security for the stored password.
1
Parity123Author Commented:
I tried with this:

Import-Module MSOnline

(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

$Office365Username = "test@test.com"
$Office365PasswordFile =  "c:\test\O365Pwd.txt"

$cred = New-Object `
                -TypeName System.Management.Automation.PSCredential `
                -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

Connect-MsolService -Credential $cred

I am logged in as the user defined in $office365username.

This doesn't seem to work. Any suggestions please.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Parity123Author Commented:
I saved the password to a file using
 (Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

My actual script is

I tried with this:

 Import-Module MSOnline


 $Office365Username = "test@test.com"
 $Office365PasswordFile =  "c:\test\O365Pwd.txt"

 $cred = New-Object `
                 -TypeName System.Management.Automation.PSCredential `
                 -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

 Connect-MsolService -Credential $cred

 I am logged in as the user defined in $office365username.

 This doesn't seem to work. Any suggestions please.
0
Éric MoreauSenior .Net ConsultantCommented:
You know that this line only needs to run once to create the file and then you forget it? That line cannot be part of your script:
(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

Open in new window

0
Parity123Author Commented:
Correct. That's what I did.

My actual script is

 I tried with this:

  Import-Module MSOnline


  $Office365Username = "test@test.com"
  $Office365PasswordFile =  "c:\test\O365Pwd.txt"

  $cred = New-Object `
                  -TypeName System.Management.Automation.PSCredential `
                  -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

  Connect-MsolService -Credential $cred

  I am logged in as the user defined in $office365username.

  This doesn't seem to work. Any suggestions please.
0
Éric MoreauSenior .Net ConsultantCommented:
replace the 2 ` with 2 '
0
Britt ThompsonSr. Systems EngineerCommented:
When outputting your credentials to a file do this -

$PassPath = "c:\test\O365Pwd.txt"
$Password = "SecureStringPassword"
ConvertFrom-SecureString $Password -key (1..16) | Out-File $($PassPath) -Encoding ASCII -Force

Open in new window


Wen importing your credentials from the file, do this -

$UserName = "test@test.com"
$Password = ConvertTo-SecureString -key (1..16) (Get-Content $PassPath -Encoding ASCII)
$Credential = New-Object -typename System.Management.Automation.PSCredential -Argumentlist $UserName, $Password

Open in new window


$Credential is what you pass to Connect-MsolService
0
Parity123Author Commented:
Thanks Eric. It worked, if I need to schedule the task under a different user, how would I modify this script to use the key.
0
Éric MoreauSenior .Net ConsultantCommented:
0
Parity123Author Commented:
This is the code that worked. (not clear how would you pass a KEY f)
Password file with
(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

and the script

Import-Module MSOnline


   $Office365Username = "test@test.com"
   $Office365PasswordFile =  "c:\test\O365Pwd.txt"

   $cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

   Connect-MsolService -Credential $cred
0
Éric MoreauSenior .Net ConsultantCommented:
>>(not clear how would you pass a KEY f)

In your case because the password is only for the one account it was created for, it is useless to pass a parameter to the script!
0
Parity123Author Commented:
The above code works only if login as test@test.com. If I login as abcde@test.com, but I need to connect as test@test.com, as per the document, I need to specify a KEY (-key ....) to make this work. Not sure how to pass this.
0
Éric MoreauSenior .Net ConsultantCommented:
this is exactly  why I told you to look at the comments at the bottom of my article. This leads you to https://technet.microsoft.com/en-us/library/dd315356.aspx. From that page, check the Example 3
0
Parity123Author Commented:
Ok. I used Britt's code for the key, and I modified 1 line from
$Password = "SecureStringPassword"
to
$Password = read-host -assecurestring
and it works.

Thanks to Eric and Britt.
0
Parity123Author Commented:
Thanks.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.