2 Replies Latest reply on Nov 1, 2018 7:26 PM by timweaver23

    PowerCli - Hide Password From Script

    Bunty11 Enthusiast

      $PasswordFile = "\\xxx.xx\xx\xx\xx\xx xx\xx.txt"

      $KeyFile = "\\xx.com\xx\xx\xx\xx xx\xx.key"

      [Byte[]] $key = (1..16)

      $vPassword = "xxxxx" | ConvertTo-SecureString -AsPlainText -Force

      $vPassword | ConvertFrom-SecureString -key $key | Out-File $PasswordFile

      [Byte[]] $key = (1..16)

      Get-Content $PasswordFile | ConvertTo-SecureString -Key $key

       

      After above i do below and i get error :

       

      Connect-VIServer -Server xx.xx.x.xx -User xxx -Password $vPassword

       

      Error:

      Cannot complete login due to an incorrect user name or password.

        • 1. Re: PowerCli - Hide Password From Script
          LucD Guru
          Community WarriorsUser ModeratorsvExpert

          This is a 3-step

          1. Create the key file
          2. Store encrypted password
          3. Retrieve encrypted password and use in a PSCredential object

           

          Something like this

           

          # File locations

          $keyFile = 'C:\Temp\aes.key'

          $pswdFile = 'C:\Temp\pswd.txt'

           

          # Step 1 - Create key file

          $key = New-Object Byte[] 32

          [Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($key)

          $key | Out-File -FilePath $keyFile

           

          # Step 2 - Create password file with key encryption

          $user = 'user'

          $pswd = 'VMware1!'

           

          $secPswd = $pswd | ConvertTo-SecureString -AsPlainText -Force

          $secPswd | ConvertFrom-SecureString -Key (Get-Content -Path $keyFile) |

          Set-Content -Path $pswdFile

           

           

          # Step 3 - Retrieve password

          $encryptedPswd = Get-Content -Path $pswdFile | ConvertTo-SecureString -Key (Get-Content -Path $keyFile)

          $cred = New-Object System.Management.Automation.PSCredential($user,$encryptedPswd)

           

          # Step 4 - Use credential

          Connect-VIServer -Server vc -Credential $cred

           

          Blog: http://lucd.info | Twitter: @LucD22 | PowerCLI Reference co-author: http://tinyurl.com/hkn4glz
          • 2. Re: PowerCli - Hide Password From Script
            timweaver23 Novice
            Get-VICredentialStoreItemThis cmdlet retrieves the credential store items available on a vCenter Server system.
            New-VICredentialStoreItemThis cmdlet creates a new entry in the credential store.
            Remove-VICredentialStoreItemThis cmdlet removes the specified credential store items.

             

            Examples

            C:\PS>New-VICredentialStoreItem -Host vCenter01 -User Admin -Password pass

            C:\PS>Remove-VICredentialStoreItem -Host vCenter01 -User Admin

             

            see link - Back to Basics: Connecting to vCenter or a vSphere Host - VMware PowerCLI Blog - VMware Blogs