Tuesday, 24 November 2015

Create SecureString File

The previous post (here) was essentially the start of my ONTAP-Buttons pet project “to have a load of batch files I simply double-click and they do some useful task”. I could construct my buttons (the batch file that runs the PowerShell) with the Secure String in the batch file like I did here (an option I’ll keep), or, I can store these credentials somewhere so they can be shared between my buttons.

Quick note on “ONTAP-Buttons” folder structure:

If my buttons are in the folder ...\ONTAP-Buttons
The PS files are in the folder  ...\ONTAP-Buttons\PS
The creds will be in            ...\ONTAP-Buttons\PS\CREDS

Image: CreateSecureStringFile.BAT in action

Code

## +++++ Create SecureString File +++++ ##
Param([Switch]$NoDisplay)
Function Wr{ Param([String]$Echo,[String]$Ink = "WHITE"); IF($Echo){ Write-Host $Echo -ForegroundColor $Ink -NoNewLine } ELSE { Write-Host } }; Wr
Wr "+++++ Create SecureStringFile +++++" Magenta; Wr; Wr
Wr "......User Name : " Green; $UserName = Read-Host
Wr "User's Password : " Green; $SecureString = (Read-Host -AsSecureString | ConvertFrom-SecureString)

# Replace \ with . (cannot use \ in filename)
[String]$WhoAmI = (WhoAmI).Replace("\",".")
[String]$UserName = $UserName.Replace("\",".")

# Create PS\CREDS dir if they don't exist and write the file
[Void](New-Item -Path "PS" -ItemType directory -Force)
[Void](New-Item -Path "PS\CREDS" -ItemType directory -Force)
# Note: The excution context is where PowerShell is run from (i.e. if using a BAT file, where the BAT file is double-clicked)

[String]$CredsFileName = $WhoAmi + "." + $UserName + ".CREDS"
$SecureString > "PS\CREDS\$CredsFileName"
If(!$NoDisplay){ Notepad "PS\CREDS\$CredsFileName" }


Next thing, a standard way to use these stored credentials (I’m thinking the batch file will need a -GetCredentials switch to actually use them, otherwise it will prompt)...

2 comments:

  1. I can share this function with u
    Give me ure email

    ReplyDelete
    Replies
    1. Hi David,
      My email is in the "About this blog" section (i @ cosonok . com - without the spaces).
      Thank you,
      VC

      Delete