1

In my .ps1 file I want to execute a job and send the result through email. I want the password to not be readable, so I encrypt it by doing this on beforehand.

$password = read-host -prompt "Enter your Password"
write-host "$password is password"
$secure = ConvertTo-SecureString $password -force -asPlainText
$bytes = ConvertFrom-SecureString $secure
$bytes | out-file .\securepassword.txt

Works just fine so far.

Then I want to use the secured password inside the .ps1, which is where I'm having difficulties. I've tried a bunch of variations, but I think this is my most solid attempt so far:

 $usercred = "myemail@gmail.com"
 $encryptedpw = Get-Content .\securepassword.txt
 $pwcred = $ecryptedpw | ConvertTo-SecureString

When I try to use this in my $smtp.credentials like this:

$smtp.Credentials = New-Object System.Net.NetworkCredential($usercred, $pwcred);

it outputs the following error The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required. at the $smtp.send($msg)

And I know the password is the issue (at least I'm pretty sure), because if I manually type it in - it works just fine. Any ideas?

_ edit 1 _

Below is the whole send-mail part if anyone wonder:

# Send Notification if alert $i is greater then 0 
if ($i -gt 0) 
{ 
    foreach ($user in $users) 
{ 

  $smtpServer = "smtp.gmail.com" 
  $port = "587"
  $smtp.EnableSSL = $true
  $smtp = New-Object Net.Mail.SmtpClient($smtpServer, $port) 
  $smtp.EnableSsl = $true 
  $smtp.Credentials = New-Object System.Net.NetworkCredential($usercred, $pwcred);
  $msg = New-Object Net.Mail.MailMessage 
  $msg.To.Add($user) 
        $msg.From = "myemail@gmail.com" 
  $msg.Subject = "Environment DiskSpace Report for $titledate" 
        $msg.IsBodyHTML = $true 
        $msg.Body = get-content $blablabla
  $smtp.Send($msg) 
        $body = "" 
    } 
  }
MadsTheMan
  • 705
  • 1
  • 10
  • 32

2 Answers2

1

Thanks to a few inputs here I was able to work out a solution. I think another factor also played a role in this.

1) I encrypted the password from another machine, which I apparently should not. I noticed the result of the encryption differentiated based on which computer that did the encryption (someone feel free to explain this one).

2) The code I ended up with was the following:

$usercred = "myemail@gmail.com" $encryptedpw = Get-Content .\securepassword.txt $password = ConvertTo-SecureString -String $encryptedpw

and then 

$smtp.Credentials = New-Object System.Net.NetworkCredential($usercred, $password);
MadsTheMan
  • 705
  • 1
  • 10
  • 32
  • 1
    SecureStrings are stored using DPAPI, which basically means it's encrypted with the user's credentials. If you're on a different PC, you won't have the same user available (unless it's a domain user), and so won't have the necessary information to decrypt the string. – mwfearnley Jan 24 '18 at 11:59
0

Based on the answers of this link you can try the following:

$cred=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, (Get-Content $FileWhereYouIsStored | ConvertTo-SecureString)
$smtp.Credentials = New-Object System.Net.NetworkCredential($cred.UserName, $cred.Password);

Hope that helps

Moerwald
  • 10,448
  • 9
  • 43
  • 83
  • Thanks for your suggestion. I've tried something similar, but this one was a bit different. However, It seems to output the same error. Weird huh? – MadsTheMan May 26 '17 at 07:14