I am running Test-DbaNetworkLatency -SqlCredential sa in powershell to measure sql server network latency. It prompts input password each time I run the command. I am planning to schedule a cronjob on my server to run this command regularly so I am looking for a way to avoid typing password each time. Can anyone tell me how I can achieve that in powershell?
You will need to create a credential object for the function.
The function info shows Windows and SQL Authentication supported. Accepts credential objects (Get-Credential)
$password = ConvertTo-SecureString "Password" -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential ("sa", $password)
Test-DbaNetworkLatency -SqlCredential $creds
Related
how I can run this command in powershell to all users in the server?
powerShell -sta -file 'E:\Script-Popup\Popup-Message - Done.ps1'
that on every user who is currently connected to the server, this command will run.
Option 1:
Get connected users:
query user /server:SERVERNAME
For each user run:
$username = "username"
$password = "password"
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential $username,
$securePassword
Start-Process powershell.exe -Credential $credential -ArgumentList "-file
$script"
Option 2:
Configure a logon script using a GPO (the script will run when the users login)
You don't need PowerShell for that (but you can use it with PowerShell)
msg * 'This will be shown to all users as a pop up'
MS Learn - Terminal Server commands: MSG
I'm trying to use some credentials so I can connect to MicrosoftTeams using powershell with orchestrator. I need a username and its password. The password is stored as a global variable, encrypted. When I try to connect to MicrosoftTeams it says that the password is incorrent. However, when I put the password hard coded there is no problem, and I can connect to Microsoft Teams.
Here is my code:
$Pass = ConvertTo-SecureString '{password}' -AsPlainText -Force
$admin ="admin#admin.com"
$cred = new-object -typename System.Management.Automation.PSCredential -argumentList $admin, $password
connect-MicrosoftTeams -credential $cred
Has someone had the same issue?
I think my problem was because I was using a PowerShell Script activity. It turns out that this activity can't read encrypted variables. To solve this problem I just enctypted the password and stored it in my C: drive, then I just got the content from that file. If someone wants the code for that, please ask.
I am creating a PowerShell script that a user can just run to edit an entry in registry. My problem is that I cannot figure out how to store local admin username and password in the same script so that the user can just double click the script and run it without having to enter username and password manually.
Here is my code:
$username = "testpc\administrator"
$pasword = get-content C:\Users\test1\documents\testpassword.txt
$credential = new-object -typename system.management.automation.pscredential -argumentlist $username, $password
This does not work at all. Please let me know what I am doing wrong here.
Usually I'd ask for an error, but in this case I'll advise different, just because your approach isn't acceptable.
Don't store passwords unencrpted in script. Never.
Don't store passwords encrypted in scripts, which are meant to be read by someone else, especially not a user with less privileges. Never!
Go, figure other ways to solve your problem. Always!
In this case I see two solutions with the given information:
change the ACL for the registry key that need to be changed by the user
Create a scheduled task which runs as SYSTEM. Make sure the user cannot edit the script.
Actually #vrdse is right.
you can create the script with the KEY as parameter and:
create a scheduled job with the credentials of your user and add the script as task.
give the user the right to execute the job but NOT to edit or to delete
give a shortcut to the scheduled job (or a runner script) to the user and make a how-to document to show him,/her how the parameter should be used.
I use clear text passwords as temporary testing stuff to make sure users CANNOT use my script (so it is exactly the opposite of your action).
You can capture credential during execution:
$cred = get-gredential -message 'This script needs a real admin user'
Enter-PSSession -Credential $cred -ComputerName 127.0.0.127
You can build a credential (do not store privileged user data):
$user = 'SuchAGreatDomainName\IAmLowPrivilegedUserName'
$Password = 'SuperSecretPassEverybodyKnows'
$secpassword = ConvertTo-SecureString $Password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($user, $secpassword)
Invoke-RestMethod -Uri $Uri -Credential $Credential
Hi I have been trying to deploy model to analysis service by using XMLA script. I used deployment wizard and it worked fine. However when I tried to use command Invoke-ASCmd to deploy model to my analysis server. It got a error of targetinovation which I figured out to be my credential argument error.
The command I used:
$user = "myemail#outlook.com"
$PWord = ConvertTo-SecureString -String "password" -AsPlainText -Force
$Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $user, $PWord
Invoke-ASCmd -InputFile AW.XMLA -Server asazure://southeastasia.asazure.windows.net/azurejenkins -Credential $Credential
But when I not use the -Credential argument it prompt the window email login which work fine. How do I use this command without prompting the user to enter email and password?
Solution to this problem.
I need to create webapp/api in active directory of azure. Copy its application id, tenant id and authentication key which you need to go to keys section in your app.
Go to SQL management server program which connected to your analysis server. Go to security and add app:# in manual entry (in case you don't see your app in the list).
Then use the same command I used in the question but change some components. Change user email to your app id and password to your authentication key. Add tenant id.
Add-AzureAnalysisServicesAccount -Credential $Credential -ServicePrincipal -TenantId $TenantId -RolloutEnvironment "xxxxxx.asazure.windows.net"
Invoke-ASCmd -InputFile xx.XMLA -Server asazure://southeastasia.asazure.windows.net/xxxxxx -Credential $Credential
Hope this script help someone who has the same problem as mine.
I can't wrap my head around this at all. I have a powershell script that works fine as long as the user has admin rights, because it is moving data to a NAS share that requires write permissions. My issue is I am putting the script in the GPO Startup process. So I need to run the powershell script as another user.
Do I somehow add the new user credentals inside the script itself, or use another process to runas the other user?
I've tried creating another .ps1 script to start the original script, but it didn't work.
I really want to be able to do this in the original script that's doing all the work.
$username = 'domain\user'
$password = 'password'
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList #($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
Start-Process -FilePath D:\Scripts\Monitor.ps1 -ComputerName localhost -Credential $cred
and I've tried:
Start-Process -FilePath D:\Scripts\Monitor.ps1 -ComputerName (NAS IP Address) -Credential $cred
This works fine inside a powershell script, so how do I get this to run as another user?
& D:\Scripts\monitor.ps1
We have decided to run this as a task under task scheduler at boot up run by a service account that has all the correct permissions. Not what I really wanted but it does work