Credentials Manager module, version 1.00
author: Igor Iric, email@example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - -
The module Credentials Manager provides you with convinient and safe way to store your credentials to file system and effectvly re-use them in your scripts.
List of commands:
Credentials are saved in encrypted files, i.e. only user that saved them, can decrypt it.
All commands have documented help system. Type Get-Help about_CredentialsManager, or Get-Command -Module CredentialsManager for more info.
- - - - - - - - -
Write-Credential [-Environment] <String> [[-Path] <String>] [-PassThru] # stores credentials in encrypted form to disk
Read-Credential -Environment <String> [-Path <String>] [<CommonParameters>] # reads credentials from disk
Read-Credential [-Path <String>] -ListAvailable [<CommonParameters>] # lists all available credentials
Commands support multiple credentials at same path (folder), identified with Environment parameter.
Default path (folder) %APPDATA%\CredentialsManager can be changed to any value, including network shares.
- - - - - - - -
Even if administrators or other users do have access to credentials files (i.e. on a network shares), they will not be able to decrypt it.
Function is using ConvertTo-SecureString with -AsPlainText parameter to process Username parameter which is by default passed as plain text. It is saved as encrypted data to disk.
- - - -
Write-Credential Dev # User is prompted for credentials (user name and password) which are saved to default location
Write-Credential BAcc -Path P:\cred # User is prompted for credentials for B account, which are afterwards saved to P: disk
$Cred = Read-Credential -Environment Dev # Gets username and password from files saved in repository and saves it in variable
Get-WMIObject Win32_Service -Computer DC1 -Credential (Read-Credential -Environment Dev) # Gets credentials from repository and directly uses it in network operation
Get-Item '\\dfs\restricted\*' -Credential (Read-Credential -Environment BAcc) # Gets B account credentials from repository and directly uses it to access restricted folder content
- - - - - - - -
0.90 - Nov '15 - initial Public release, 2 functions Read, Write
1.00 - Dec '15 - one file for data instead of 2, added convert functions
Updates in this version 1.00
- - - - - - - - - - - - - -
Read-Credential, Write-Credential - both functions are now using only one file for storing encrypted credentials
Write-Credential - now supporting non-interactive mode, credentials can be passed throu with parameter -Credential
Convert-Credential - if you saved credentials using previous version, you can update them to current one
Requests for next versions
- - - - - - - - - - - - -
Manipulating credentials support, i.e delete, rename credential, etc.
Any further suggestion is welcome!