#PowerShell, #PowerWiseScripting, #ProjectWise, PWPS_DAB

HowTo:Create and Use Encrypted Password File

I have a simple one for this post. I will go through the process of creating a text file to contain an encrypted password. We will then retrieve the encrypted password and use it to log into a ProjectWise datasource.

We will be using the following cmdlets to accomplish this task. All of the ProjectWise related cmdlets are available using the PWPS_DAB module. At the time of this post, I am using version 1.23.7.0. Take a look at the help for each of the cmdlets to become familiar with their functionality, available parameters, etc.

  • Save-SecureStringToEncryptedFile
  • Get-SecureStringFromEncryptedFile
  • New-PWLogin
  • Undo-PWLogin

Save Secure String To Encrypted File

We will create a new text file containing the encrypted or secure password entered.

# File to be generated containing secure string password.
$SecurePasswordFile = 'D:\temp\SecurePassword.txt'
Save-SecureStringToEncryptedFile -Prompt "Enter Password" -FileName $SecurePasswordFile

The following shows the prompt to enter the user password.

passwordprompt

Get Secure String From Encrypted File

Now we will populate the $SecurePassword variable with the secure string retrieved from the provided encrypted file.

# Read encrypted file to retrieve the secure string.
$SecurePassword = Get-SecureStringFromEncryptedFile -FileName $SecurePasswordFile

The following shows the object type of the SecurePassword variable.

securepassword

Log In to ProjectWise Datasource

We will use the secure string from the encrypted file to log into the ProjectWise datasource.

$Datasource = 'BMF-WS2016-PWDI:ProjectWise'
$UserName = 'pwadmin'
$Splat_NewLogin = @{
    DatasourceName = $Datasource
    UserName = $UserName
    Password = $SecurePassword
}
New-PWLogin @Splat_LoginSource

The following shows the contents of the Splat_NewLogin variable.

splat

Log Out of Your Datasources

Be sure to log out of each of the current ProjectWise datasource.

Undo-PWLogin

Experiment with it and have fun. And please, let me know if there is a topic you would like to see a post for. Or share a solution you have developed.

Hopefully, you find this useful. Please let me know if you have any questions or comments.  If you like this post, please click the Like button at the bottom of the page. And thank you for checking out my blog.

4 thoughts on “HowTo:Create and Use Encrypted Password File”

  1. Do you know a way that new logical accounts can be created based on information stored in a SQL table, including setting the password? I am looking to create new accounts automatically based on a table, and set the user password based on what is entered in the table. This is all part of an automation process where we want to create logical accounts for specific remote access. The accounts are easy…I am stuck on getting the passwords to stick when using variables vs putting the actual password in the code, which defeats the purpose.

    This works fine.
    New-PWUserSimple -UserNames $logical -Description $description -Email $email -Password ‘1234’

    This does not regardless how I try to make the $pwd a secure string, pull from an encrypted file etc.

    New-PWUserSimple -UserNames $logical -Description $description -Email $email -Password $pwd

    What am I missing? Or is this just not possible?
    d

    Like

      1. Hi Brian. Sorry I realized the original post was not 100% accurate with regards to the line used. Sorry about that, I copied in the wrong lines.

        This is what I have, the script runs, the password is set on the account. As long as I have the ‘1234’ typed out in the script this works.

        $pwd = ConvertTo-SecureString ‘1234’ -AsPlainText -Force
        New-PWUserSimple -UserNames $logical -Description $description -Email $email -Password $pwd

        The problem comes when I attempt to replace the value of the ‘1234’ with a variable that I create from a SQL select statement. So if the ‘1234’ is replaced with $password, which is pulled from the table, and I confirm it is ‘1234’, the script runs, no errors.

        $Password = (Invoke-Sqlcmd -Server $SQLServer etc etc etc….
        PS SQLSERVER:\> $Password
        1234

        $pwd = ConvertTo-SecureString $Password -AsPlainText -Force
        New-PWUserSimple -UserNames $logical -Description $description -Email $email -Password $pwd

        PS SQLSERVER:\> $pwd
        System.Security.SecureString

        When I attempt to login I receive the 58064 error indicating the incorrect password. I have tried many combos of manipulating the variable content from encrypting in a text file etc and nothing I try seems to work beyond manually placing the ‘1234’ in the script.

        Just curious if you have ever done this?
        1.23.8.0 pwps_dab
        dave

        Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.