Home
Microsoft 365
Linux
Windows
Powershell
Cloud Computing
    Citrix Xendesktop
    Citrix XenApp
Useful links
About
ajni.IT -
  • Home
  • Microsoft 365
  • Linux
  • Windows
  • Powershell
  • Cloud Computing
    • Citrix Xendesktop
    • Citrix XenApp
  • Useful links
  • About

PowerShell – Encrypt and store credentials securely

May 28, 2020 by AJNI No Comments

Saving credentials and secrets inside your code is a very bad idea and should be avoided. PowerShell has built-in commands to export and import encrypted data in your code.

There might be a lot of ways to achieve this, but this is how I like to do it. This is very elegant and easy to implement.

Let’s say we have a secret password that we want to secure and avoid saving in the source code.

$secretPW = "SecretPassword" | ConvertTo-SecureString -AsPlainText -Force

We can export this variable to an encrypted XML file with

$secretPW | Export-Clixml -Path .\secret.xml

The password is not human readable:

To import this file use

$secretPW = Import-Clixml -Path .\secret.xml

The plain-text password can be obtained through (I had to split the command into two lines)

[System.Runtime.InteropServices.Marshal]::
PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secretPW))

Just outputting the variable won’t show the password, because the variable is a System.Security.SecureString object.

Credentials can also be saved this way:

$credentials = Get-Credential

You can show the plain-text password with

$credentials.GetNetworkCredential().password

$credentials | Export-Clixml -Path .\credentials.xml

Only the username is shown in clear text.

Same thing again with the import

$credentials = Import-Clixml -Path .\credentials.xml

$credentials.GetNetworkCredential().password

The password can be decrypted by the same user that created the XML file on that specific computer.

References:

https://devblogs.microsoft.com/scripting/decrypt-powershell-secure-string-password/

https://pscustomobject.github.io/powershell/functions/PowerShell-SecureString-To-String/

Reading time: 1 min

Powershell: Getting Inactive AD Users

September 23, 2019 by AJNI No Comments

Hey folks!

Here is a quick way to find inactive AD Users in your environment. Get-ADUser ist the cmdlet we are going to use.

We are getting all users from the highest OU (domain.com) and using the Property LastLogonDate, which will not be returned if not specified in the -Properties parameter. After that a Where statement is going to show users that haven't logged in since 90 days or more.

Get-ADUser -Filter * -Properties lastlogondate | where { $_.lastlogondate -lt (Get-Date).AddDays(-90) }

We could also specify the OU where the command is going to search:

Get-ADUser -Filter * -Properties lastlogondate -SearchBase "OU=TerminatedEmployees,DC=Company,DC=com"| where { $_.lastlogondate -lt (Get-Date).AddDays(-90) }|select Name,Lastlogondate

There is also the -SearchScope Onelevel parameter to determine that we are not going to search recursively:

Get-ADUser -Filter * -Properties lastlogondate -SearchBase "OU=TerminatedEmployees,DC=Company, DC=com" -SearchScope OneLevel | where { $_.lastlogondate -lt (Get-Date).AddDays(-90) }|select Name,Lastlogondate

Have fun!

Reading time: 1 min

Tip Of the Day

  • Outlook 2016/2019/365 Problems connecting to Exchange Online mailbox

    1 month ago

Keep in touch

Oh hi there 👋
It’s nice to meet you.

Sign up to receive my awesome blog posts in your inbox, every week.

Check your inbox or spam folder to confirm your subscription.

Recent Posts

  • Outlook 2016/2019/365 Problems connecting to Exchange Online mailbox
  • Windows Server 2022 Freezing/Very Laggy Taskbar
  • Renew Always On VPN IKEv2 Server Certificate
  • Sophos SG/XG Firewall Site To Site SSL VPN apc to ovpn
  • Citrix Virtual Apps Published Application start OneDrive in the background

Categories

  • Azure (14)
  • Citrix XenApp (14)
  • Citrix Xendesktop (8)
  • Cloud Computing (31)
  • Coding (1)
  • Hyper-V (9)
  • Linux (8)
  • Microsoft 365 (14)
  • Powershell (13)
  • Security (6)
  • VDI (10)
  • Virtualization (18)
  • VMware (9)
  • Windows (21)
  • Windows Client OS (24)
  • Windows Server (60)

Archives

  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • December 2020
  • November 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019

ajni IT © 2019