kevingregory
Contributor
Contributor

VCheck and Storing passwords.

I have started with a new department at work, and delving into the VMware side of things.  I was tasked with setting up VCheck scripts to poll our environments. I managed to get these set up within all environments, but now I would like to have one location to store all the scripts and have them connect to several different Domains.  I Read a few articles on here that require you to create the password .xml file which I realized you have to use powerCLI and not powershell (Yes, I am a nube to this).  I can create the .xml file no issues, but calling the password file is giving me issues. I am having an issue understanding the disconnect between commands between PowerShell and PowerCLI.  New-VICredentialStoreItem creates the password file, and it wont work in Powershell, but when I invoke vCheck.Ps1 from within Powershell it doesn't recognize the Commands to call the password file. I am probably missing something really easy, or my basic understanding is completely false. 

I am calling the vCheck script via Task Scheduler and that works, but trying to call the password file is giving me issues. I have zero background in programming, so this is a tad confusing.

Thank you so much.

0 Kudos
5 Replies
LucD
Leadership
Leadership

Which PowerCLI version are you using?

The reason for asking, since 6.5.1, and if you are using PowerShell 3 or above, you use the module auto-loading feature.

Also note that the New-VICredentialStoreItem stores the encoded credentials indeed in a XML file.

But be aware that only the same user, and on the same station, where the entries were created, can retrieve and decrypt the credentials.

The VICredentialStore uses a Windows API for encrypting/decrypting, and that uses the current user and station to do the encryption/decryption.

Also the reason why the VICredentialStoreItem cmdlet do not work on PowerShell Core on a non-Windows platform.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
kevingregory
Contributor
Contributor

I have updated to powershell 5.1 and PowerCLI to to 6.5.  Thanks, I will let you know how I make out.

0 Kudos
kevingregory
Contributor
Contributor

Sorry for the late reply, a little vacation.  I am so close to getting this resolved. I am able to run all the pertinent scripts to pass the credentials to the remote domain, but having some issues in calling the scripts via task scheduler.

I found that versioning of CLI and PS, play a major part in the commands being called.  Quite interesting to work through these I must say.  The server didn't have an internet connection so I had to go through the hoops of installing the components without reaching out to the internet.

I can load the CLI modules on the server, but I would like a way that they are loaded and stored and not having to call them again for each session.

Here is what I am running manually that I would like to script. But not 100% sure how to script all this to allow via task scheduler.

Import-Module VMware.VimAutomation.Core

Get-VICredentialStoreItem  (Displays the two Hosts in the other Domain and the one user to connect)

Host                 User                 File

----                 ----                 ----

Server1.... Domain\kevin

Server2.... Domain\kevin

Connect-VIServer Server1

Name                           Port  User

----                           ----  ----

Server1   443   Domain\kevin

I then Change the dir to where V-Check resides and run v-check. V-Check runs and no credentials are asked for.  As I said, so close.

Thank you everyone for your patience.

0 Kudos
kevingregory
Contributor
Contributor

I got it working. I was thinking too much into it.

0 Kudos
LucD
Leadership
Leadership

Good on you Smiley Happy


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos