Powershell: passing plaintext password in script

jasonhand · 2018-12-06T16:24:37.000Z

I have a script that i have running through powershell, created a script for it, but in order for it to execute, it puts up a dialog box to enter password. I would like to include the password in the powershell script so i don’t get prompted for it, but just run the scripts and it executes and completes successfully without any prompts.

Is there a command line to use to be able to include my password in my script?

no username, just a password.

thanks

davidhill1404 · 2018-12-06T16:37:42.000Z

This is what I do.

I create a text file containing the encrypted password with the command below.

Read-Host “Enter Password” -AsSecureString | ConvertFrom-SecureString | Out-File “C:\Folder\Password.txt”

Then when I need it I use.

$pass = Get-Content “C:\Folder\Password.txt” | ConvertTo-SecureString

Then place $pass where you need your password.

Neally · 2018-12-06T16:42:22.000Z

JasonH1968:

I would like to include the password in the powershell script

No, you don’t want to do that…

pdq.com

How to share credentials between different users & machines with...

Secure password with PowerShell: Learn how to securely encrypt your passwords and automate your PowerShell scripts by using AES keys.

$File = "\\Machine1\SharedPath\Password.txt"
[Byte[]] $key = (1..16)
$Password = "P@ssword1" | ConvertTo-SecureString -AsPlainText -Force
$Password | ConvertFrom-SecureString -key $key | Out-File $File

secure-string and running this one time to create the password is one way of doing that. Not great but still WAY better than a plaintext password in the script.

If you post code, please use the ‘Insert Code’ button. Please and thank you!

PLEASE READ BEFORE POSTING! Read if you're new to the PowerShell forum! Programming & Development

Hi, and welcome to the PowerShell forum! Don’t apologize for being a “noob” or “newbie” or “n00b.” There’s just no need – nobody will think you’re stupid, and the forums are all about asking questions. Just ask! Use a descriptive subject. Don’t say “Need help” or “PowerShell Help”, actually summarize what the problem is. It helps the rest of us keep track of which problem is which. Don’t post massive scripts. We’re all volunteers and we don’t have time to read all that, nor will we copy…

@davidhill1404

Neally · 2018-12-06T16:43:16.000Z

dthillsr:

This is what I do.

I create a text file containing the encrypted password with the command below.

Read-Host “Enter Password” -AsSecureString | ConvertFrom-SecureString | Out-File “C:\Folder\Password.txt”

Then when I need it I use.

$pass = Get-Content “C:\Folder\Password.txt” | ConvertTo-SecureString

Then place $pass where you need your password.

The downside to doing this without the $key parameter is that that is limited to one user account on one computer, it’s not portable on another server or another user account.

jasonhand · 2018-12-06T16:47:12.000Z

Neally:

JasonH1968:

I would like to include the password in the powershell script

No, you don’t want to do that…

How to share credentials between different users & machines with PowerShell | PDQ
$File = "\\Machine1\SharedPath\Password.txt"
[Byte[]] $key = (1..16)
$Password = "P@ssword1" | ConvertTo-SecureString -AsPlainText -Force
$Password | ConvertFrom-SecureString -key $key | Out-File $File
secure-string and running this one time to create the password is one way of doing that. Not great but still WAY better than a plaintext password in the script.

If you post code, please use the ‘Insert Code’ button. Please and thank you!
PLEASE READ BEFORE POSTING! Read if you're new to the PowerShell forum!

osql -Slocalhost\SPECTOR360 -Usa -iC:\Temp\RebuildClr.sql -oC:\Temp\RebuildClr.log -n  -w8096

that is the code i have, when i run it like that, it prompts for password to run and complete. so what should i add after to include that password.

It’s only going to be run on this one pc

Neally · 2018-12-06T16:55:06.000Z

Well according to this you can feed it the user and password info like so:

learn.microsoft.com

osql Utility - SQL Server

In SQL Server, the osql utility lets you enter Transact-SQL statements, system procedures, and script files. Osql uses ODBC to communicate with the server.

osql -Slocalhost\SPECTOR360 -Usa -iC:\Temp\RebuildClr.sql -oC:\Temp\RebuildClr.log -n
     -w8096 -Ulogin_id $userName -Ppassword $password

And to populate the password, look at what David posted, if you just run it on a single machine.

# you only run this ONE TIME, to create the password file, 
# after that you no longer need this.
# Read-Host "Enter Password" -AsSecureString | 
# ConvertFrom-SecureString | Out-File "C:\Folder\Password.txt"

$userName = 'johndoe'
$password = Get-Content "C:\Folder\Password.txt" | ConvertTo-SecureString

osql -Slocalhost\SPECTOR360 -Usa -iC:\Temp\RebuildClr.sql -oC:\Temp\RebuildClr.log -n  
     -w8096 -Ulogin_id $userName -Ppassword $password

jasonhand · 2018-12-06T17:06:33.000Z

still prompting for password when running

Neally · 2018-12-06T17:07:57.000Z

JasonH1968:

still prompting for password when running

That’s unrelated to powershell then. that has to do with the ’ osql’ utility…

Maybe try -U then -P for user and password in the command.

jasonhand · 2018-12-06T17:28:04.000Z

yup, just adding the -P and then the password works, so simple lol

Thanks!

Is it possible to set the script file to “run with powershell” when double clicking instead of having to right click and “run with powershell” ?

Neally · 2018-12-06T17:34:28.000Z

That’s not really recommended.

You can just create a bash script to do that.

powershell.exe -ExecutionPolicy Bypass -command "& 'C:\MyScript.ps1'"

jasonhand · 2018-12-06T17:49:24.000Z

awesome, working great, thanks again!

michaelmtallman · 2018-12-06T18:28:21.000Z

Neally is da PSman And if you’re not already following him, I HIGHLY suggest you do - just sayin’. A lot of his suggestions have found their way into my Powershell Collections for future reference.

@alexw

martin9700 · 2018-12-06T20:29:17.000Z

Should also consider using the Invoke-SqlCmd cmdlet. It supports secure credentials and is PowerShell friendly.

steviestaab2620 · 2018-12-07T04:44:51.000Z

Look into credential manager and it’s powershell module.