2

When I run below script from local machine on the server name stired ub vnfqdn.txt, script pauses and asks me to enter username and credentials. I want to provide password automatically in the script in secured way. can you help me to add any command in below scrip which can help. 

$hostname=get-content C:\temp\vmfqdn.txt
$patchetest=Invoke-Command -ComputerName $hostname -Credential domain\username -ScriptBlock {(Get-HotFix -id "KB4534271").HotFixID}
if($patchetest -eq "KB4534271"){
   write-host("Patch KB4534271 is installed")
} else {
   write-host("Patch is not installed")
}

'''
how to add credentials in power shell script, so that when i run the script it wont ask for password, I do not want password to be seen in the script.

note- Above script works fine when I provide password manually when window asking for password prompts up.
Ian Kemp
  • 28,293
  • 19
  • 112
  • 138
Vinit S
  • 39
  • 10
  • Run the script from the scheduler with the right username you want. – f6a4 Feb 07 '20 at 13:49
  • The linked post shows how to save credentials to a file and decrypt them later. Note: Use this technique _on Windows only_. It only works for a given user account, on a given machine. – mklement0 Feb 07 '20 at 15:46

2 Answers2

2

You can use Export-CLIXML to export the credential object. You could also prompt for a secure password and then convert that to a string, etc. But this is the fast way.

try { $creds = Import-Clixml -Path "credentials.xml" }catch { $creds = Get-Credential }
$creds | Export-Clixml -Path "credentials.xml"
jadenguy
  • 21
  • 4
  • Nice; worth mentioning that this shouldn't be used on Unix-like platforms (macOS, Linux), because no encryption would be applied there. – mklement0 Feb 07 '20 at 16:42
  • can you please help me with putting this in my script mentioned above? and what should be the format of .xml? – Vinit S Feb 10 '20 at 10:12
  • Paste my code above yours and replace `-Credential domain\username` with `-Credential $creds` This is encrypted to only work with your account on your computer, so you'll need to run the script AS the user that will execute it on the system that will execute it. – jadenguy Feb 12 '20 at 17:22
1

Jaap Brasser (MVP) has a great blog about this: https://www.jaapbrasser.com/quickly-and-securely-storing-your-credentials-powershell/

baswijdenesdotcom
  • 185
  • 1
  • 1
  • 12
  • 1
    While the linked page may answer the question, it is [better to include the essential parts _here_](http://meta.stackexchange.com/a/8259/248777) and provide the link only for reference / additional information. Link-only answers can become invalid if the linked page disappears or changes substantially. If you can only offer a link, please consider posting it as a _comment_ rather than as an answer. – mklement0 Feb 07 '20 at 15:44
  • Hi All this is solved. below is the solution $a = Get-Content C:\users\pwd.txt $securePassword = $a | ConvertTo-SecureString $MyCredential=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "username", $securePassword and then using $mycredential whenever your script requires authentication. – Vinit S Feb 11 '20 at 11:39