0

I'm looking for some good practice.

I have a Powershell script that will execute an action on another system using selected user/password combo (for a handful of users). My first thought was to use simple CSV together with the script, but maybe there's some better way to do this?

EDIT: Seems you all think I'm overcomplicating this, but I'm really not :-)

I am making a script, hosted on server not accessible by teammembers, that reaches out to 3rd party API that uses keys, and the keys need to be user per-member for accountability.

On the other end, the script reaches out to the support system, and from there is takes name of teammember.

Looks pretty much like this: helpdesk <- script -> 3rd party API

In other words, noone touches the script by hand (it's ran from Task Scheduler), but the script needs to ID whose request it's processing, then read appropriate API key and use this key to perform action on 3rd party server.

I think that using CSV in this case will suffice (entire account from which the script runs is EFS-encrypted), but wanted to ask how to actually code it in a nice way in PS.

StanTastic
  • 311
  • 3
  • 18
  • 5
    Storing credentials is an extremely bad practice, and doing it in cleartext is even worse. I suggest you rethink the problem entirely. – Jeff Zeitlin Mar 11 '19 at 11:22
  • 2
    I was about to say: use the credential manager and/or encrypt them so you can only use them under your own account. But I agree with @Jeff, you shouldn't even know the passwords of the others... – iRon Mar 11 '19 at 11:38
  • 2
    Possible duplicate of [save PSCredential in the file](https://stackoverflow.com/questions/40029235/save-pscredential-in-the-file) – vonPryz Mar 11 '19 at 11:38
  • Or you can use a password manager like KeePass and use the [PSKeePass](https://github.com/PSKeePass/PoShKeePass) module on GitHub. – Theo Mar 11 '19 at 12:02
  • 1
    This sounds very much like an [X-Y problem](http://mywiki.wooledge.org/XyProblem). Please take a step back and describe the actual problem you're trying to solve instead of what you perceive as the solution. What do you need the different credentials for? – Ansgar Wiechers Mar 11 '19 at 12:04
  • Edited for clarity. – StanTastic Mar 12 '19 at 10:38

0 Answers0