Powershell: credentials

Hello,

I need some help in passing domain credentials instead of prompting for credentials. Is it possible to save the credentials in a file securely and then somehow use this as credentials for the script.

I currently have the script prompt for domain credentials. .

$creds = get-credential

Looking forward to your assistance.

Thanks.
Parity123Asked:
Who is Participating?
 
Éric MoreauSenior .Net ConsultantCommented:
have a look at http://emoreau.com/Entries/Articles/2016/11/PowerShell-Get-O365-mailboxes-statistics.aspx and be sure to look at the comments at the bottom of the article
0
 
Britt ThompsonSr. Systems EngineerCommented:
Instead of saving it to a file (which is entirely possible and I have some logic for this) I would use the Windows Credential Vault.

https://gist.github.com/guitarrapc/c37af6978570a4da097b

This at least provides some level of security for the stored password.
1
 
Parity123Author Commented:
I tried with this:

Import-Module MSOnline

(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

$Office365Username = "test@test.com"
$Office365PasswordFile =  "c:\test\O365Pwd.txt"

$cred = New-Object `
                -TypeName System.Management.Automation.PSCredential `
                -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

Connect-MsolService -Credential $cred

I am logged in as the user defined in $office365username.

This doesn't seem to work. Any suggestions please.
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
Parity123Author Commented:
I saved the password to a file using
 (Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

My actual script is

I tried with this:

 Import-Module MSOnline


 $Office365Username = "test@test.com"
 $Office365PasswordFile =  "c:\test\O365Pwd.txt"

 $cred = New-Object `
                 -TypeName System.Management.Automation.PSCredential `
                 -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

 Connect-MsolService -Credential $cred

 I am logged in as the user defined in $office365username.

 This doesn't seem to work. Any suggestions please.
0
 
Éric MoreauSenior .Net ConsultantCommented:
You know that this line only needs to run once to create the file and then you forget it? That line cannot be part of your script:
(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

Open in new window

0
 
Parity123Author Commented:
Correct. That's what I did.

My actual script is

 I tried with this:

  Import-Module MSOnline


  $Office365Username = "test@test.com"
  $Office365PasswordFile =  "c:\test\O365Pwd.txt"

  $cred = New-Object `
                  -TypeName System.Management.Automation.PSCredential `
                  -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

  Connect-MsolService -Credential $cred

  I am logged in as the user defined in $office365username.

  This doesn't seem to work. Any suggestions please.
0
 
Éric MoreauSenior .Net ConsultantCommented:
replace the 2 ` with 2 '
0
 
Britt ThompsonSr. Systems EngineerCommented:
When outputting your credentials to a file do this -

$PassPath = "c:\test\O365Pwd.txt"
$Password = "SecureStringPassword"
ConvertFrom-SecureString $Password -key (1..16) | Out-File $($PassPath) -Encoding ASCII -Force

Open in new window


Wen importing your credentials from the file, do this -

$UserName = "test@test.com"
$Password = ConvertTo-SecureString -key (1..16) (Get-Content $PassPath -Encoding ASCII)
$Credential = New-Object -typename System.Management.Automation.PSCredential -Argumentlist $UserName, $Password

Open in new window


$Credential is what you pass to Connect-MsolService
0
 
Parity123Author Commented:
Thanks Eric. It worked, if I need to schedule the task under a different user, how would I modify this script to use the key.
0
 
Éric MoreauSenior .Net ConsultantCommented:
0
 
Parity123Author Commented:
This is the code that worked. (not clear how would you pass a KEY f)
Password file with
(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Test\O365Pwd.txt"

and the script

Import-Module MSOnline


   $Office365Username = "test@test.com"
   $Office365PasswordFile =  "c:\test\O365Pwd.txt"

   $cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Office365Username, (Get-Content $Office365PasswordFile | ConvertTo-SecureString)

   Connect-MsolService -Credential $cred
0
 
Éric MoreauSenior .Net ConsultantCommented:
>>(not clear how would you pass a KEY f)

In your case because the password is only for the one account it was created for, it is useless to pass a parameter to the script!
0
 
Parity123Author Commented:
The above code works only if login as test@test.com. If I login as abcde@test.com, but I need to connect as test@test.com, as per the document, I need to specify a KEY (-key ....) to make this work. Not sure how to pass this.
0
 
Éric MoreauSenior .Net ConsultantCommented:
this is exactly  why I told you to look at the comments at the bottom of my article. This leads you to https://technet.microsoft.com/en-us/library/dd315356.aspx. From that page, check the Example 3
0
 
Parity123Author Commented:
Ok. I used Britt's code for the key, and I modified 1 line from
$Password = "SecureStringPassword"
to
$Password = read-host -assecurestring
and it works.

Thanks to Eric and Britt.
0
 
Parity123Author Commented:
Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.