childebrandt42

Worthless info……………Oh blinky lights!

Using Windows Credential Manager with Powershell.

Posted by

childebrandt42

·

, , ,

I have been having trouble for a while dealing with credentials and how to store them when using them in scripts. I have done the whole just do Get-Credential and enter it every time I run the script but that is a great for one off scripts but not for scheduled tasks. In the past i had just been using the Import-Clixml and importing the creds saved from a txt file. This works well but now you have to deal with actual txt files. I ran across a article somewhere reading on something else and remember someone saying something about saving credentials to the Windows Credential manager. After doing some research and some digging and reading found this Gem of a Powershell module. CredentialManager Module is a easy module to use, and simplistic with only 4 commands.

Get-StoredCredential
Get-StrongPassword
New-StoredCredential
Remove-StoredCredential

With these 4 commands you can now save credentials and call credentials from the credential manager. This is a huge win for me. No more having to deal with cred files, trying to remember what account created the txt file and fighting that mess.

Creating Stored Credentials

New-StoredCredential -Comment 'Test_Creds' -Credentials $(Get-Credential) -Target 'TestCreds'
Showing the Credentials in the Credential Manager.

Using the stored Credentials

Get-StoredCredential -Target 'TestCreds'

This will show the below but that does not help you.

If you store this into a variable now you can use this variable for your credentials as you normally would. 

$TestCreds = Get-StoredCredential -Target 'TestCreds'

Update, Since when this blog was released, there has been a few updates, By default when it creates the creds as temporary. When you reboot, the credentials are wiped, if you want it to persist past reboots you need to add a -Persist flag in the command. 

$TestCreds = Get-StoredCredential -Target 'TestCreds' -Persist

Removing Stored Credentials

Cleaning up old credentials is always great housekeeping. 

Remove-StoredCredential -Target 'TestCreds'

Using Strong Passwords

Get-StrongPassword -Length 20 -NumberOfSpecialCharacters 4

The command will get you the a password that is 20 characters long with 4 special characters. This is a quick way to generate a password for the needs.

With this little bit of info has saved me a huge amount of time. I am not claiming that Credential manager the most secure method, but its way better than saving the passwords in clear text in the script. And much more manageable than having to deal with txt files.

childebrandt42 Avatar

About the author

Hi, I’m Chris Hildebrandt, a Technology Generalist and passionate EUC Solutions Architect at Choice Solutions.

With hands-on experience from enterprise deployments to consulting, I specialize in virtualization, Omnissa Horizon, App Volumes, Azure Virtual Desktop, Nerdio, LoginVSI, Cisco UCS, Pure Storage and streamlining workflows through automation (PowerShell, APIs, and more).

Proud multi-year vExpert, Omnissa Tech Insider, Cisco Champion, former VMUG leader, and co-Leader of World of EUC in KC!

Active in the #vCommunity—let’s connect on EUC challenges, automation ideas, or modern workspaces! 🚀