about_CredentialsManager.help.txt

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
Credentials Manager module, version 0.90
author: Igor Iric, iricigor@gmail.com
- - - - - - - - - - - - - - - - - - - - - - - - - - -
 
The module Credentials Manager provides you with convinient and safe way to store your credentials to file system and effectvly re-use them in your scripts.
 
List of commands:
Write-Credential
Read-Credential
 
Credentials are saved in encrypted files, i.e. only user that saved them, can decrypt it.
All commands have documented help system. Type Get-Help about_CredentialsManager, or Get-Command -Module CredentialsManager for more info.
 
 
Commands overview
- - - - - - - - -
Write-Credential [-Environment] <String[]> [[-Path] <String>] [-PassThru] # stores credentials in encrypted form to disk
Read-Credential -Environment <String[]> [-Path <String>] [<CommonParameters>] # reads credentials from disk
Read-Credential [-Path <String>] -ListAvailable [<CommonParameters>] # lists all available credentials
Commands support multiple credentials at same path (folder), identified with Environment parameter.
Default path (folder) %APPDATA%\CredentialsManager can be changed to any value, including network shares.
 
Security notes
- - - - - - - -
Even if administrators or other users do have access to credentials files (i.e. on a network shares), they will not be able to decrypt it.
Function is using ConvertTo-SecureString with -AsPlainText parameter to process Username parameter which is by default passed as plain text. It is saved as encrypted data to disk.
 
Examples
- - - -
Write-Credential Dev # User is prompted for credentials (user name and password) which are saved to default location
Write-Credential BAcc -Path P:\cred # User is prompted for credentials for B account, which are afterwards saved to P: disk
 
$Cred = Read-Credential -Environment Dev # Gets username and password from files saved in repository and saves it in variable
Get-WMIObject Win32_Service -Computer DC1 -Credential (Read-Credential -Environment Dev) # Gets credentials from repository and directly uses it in network operation
Get-Item '\\dfs\restricted\*' -Credential (Read-Credential -Environment BAcc) # Gets B account credentials from repository and directly uses it to access restricted folder content
 
 
Version history
- - - - - - - -
0.90 - Nov '15 - initial Public release, 2 functions Read, Write
 
 
Requests for next versions
- - - - - - - - - - - - -
Manipulating credentials support, i.e delete, rename credential, etc.
Any further suggestion is welcome!