Get credentials for multiple systems

What does this do?: Allows you to get the credentials for a set of systems from a text file and stores them in their own folder in a secure xml file. Those credentials can then be used later for a cmdlet that uses the -Credentials parameter.

Function Get-MyCredential {
    param($CredPath, $Computer)
    if (!(Test-Path -Path $CredPath -PathType Leaf)) {
        Export-Credential (Get-Credential -Message "Insert credentials for $($Computer)") $CredPath
    }
    $cred = Import-Clixml $CredPath
    $cred.Password = $cred.Password | ConvertTo-SecureString
    $Credential = New-Object System.Management.Automation.PsCredential($cred.UserName, $cred.Password)
    Return $Credential
}

Function Export-Credential($cred, $path) {
      $cred = $cred | Select-Object *
      $cred.password = $cred.Password | ConvertFrom-SecureString
      $cred | Export-Clixml $path
}

$ComputerList = Get-Content ".\CompList.txt"
$HostComputer = $env:COMPUTERNAME

#Get Credentials for each system
ForEach ($Computer in $ComputerList) {
    If ($Computer -eq "localhost") {
        $Computer = $HostComputer
    }
    If ((Test-Path ".\$($Computer)") -eq $False) {
        New-Item -ItemType Directory -Path ".\$($Computer)" | Out-Null
    }
    Get-MyCredential -CredPath ".\$($Computer)\Creds.xml" -Computer "$($Computer)"
}

Example: Getting the credentials for each computer in the CompList.txt file and using the credentials for the Get-WinEvent Cmdlet.

$ComputerList = Get-Content ".\CompList.txt"
$HostComputer = $env:COMPUTERNAME
ForEach ($Computer in $ComputerList) {
    If ($Computer -eq "localhost") {
        $Computer = $HostComputer
    }
    $Credentials = Get-MyCredential -CredPath ".\$($Computer)\Creds.xml" -Computer "$($Computer)"
    $Events = Get-WinEvent -ComputerName $Computer -Credential $Credentials -FilterHashtable @{LogName="System"; Level=3} |
        Select-Object TimeCreated,LevelDisplayName,LogName,ProviderName,ID,Message
    $Events | Out-File ".\$($Computer)\Events.txt"
}

Why I needed this script: I wrote an Event Viewer Monitor that needed to be ran every 10min against several systems. I utilized scheduled tasks for that to occur. However, when it ran every 10min it wouldn’t do anything. I needed the credentials for each system typed in every 10min. Of course that wouldn’t do, so I created the above script (borrowing some code from other Powershell wizards). On the first run, it asks me for the credentials for each system and stores them in a folder. It then creates the scheduled task and runs it every 10min without any input needed from me. There are probably more secure ways of storing the credentials other than an XML file, but this works for my needs.

-Andrew

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s