So I’ve been doing quite a bit of Powershell scripting lately, and this little tid-bit came in very handy, so I thought I’d share it with you all.
In Powershell you can use the Get-Credential cmdlet to get alternate logon credentials when you need to perform a task from the shell. But the Get-Credential cmdlet won’t accept a hardcoded password in a script. So, how do you write a script that needs to run without user intervention and needs to use credentials other than those of the account used to run it?
Well, here is the answer.
First, we need to get our password, then pump it into a file. Doing this encodes the password and stores it in our output file so no-one can read it.
PS C:\> read-host -assecurestring | convertfrom-securestring | out-file C:\cred.txt
Once we have our password safely stored away, we can draw it back into our scripts..
PS C:\> $password = get-content C:\cred.txt | convertto-securestring
Then finally, we can create our credential object, which we pump into other cmdlets.
PS C:\> $credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist "myusername",$pass
There you have it, storing a password in an external file, then accessing it from your scripts. It’s a snap.
|Share this post :|