Home > PowerShell > Pass Credentials via PowerShell

Pass Credentials via PowerShell

I’ve often found it necessary to pass my Administrator domain or Domain Admin (DomAdmin) credentials to run a PowerShell WMI command. Fortunately PowerShell provides 3 different ways of doing just that, not counting using Windows built in runas command. The three methods I’m going to go over are

  1. Entering your own unique credentials
  2. Entering a service account password, ie: the same username (or hard coding a username)
  3. Hard coding a user name and password

Method 1:

Windows PowerShell Credentials Request Box

Windows PowerShell Credentials Request Box

Entering your own unique credentials, this will popup the standard windows login, let’s store our credentials to a variable called $cred, the benefits of doing this if we want to run multiple commands all under this account we can just recall our credentials without having to enter them every single time. In this example, after I retrieve my stored credentials I’ll check to see who is logged onto a computer named dev-ghost. I’ll be using gwmi cmdlet which is just an alias for the Get-WmiObject cmdlet.

PS C:\> $cred = Get-Credential
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
PS C:\> gwmi win32_LoggedOnUser -computer "dev-ghost" -credential $cred

Method 2
In this example, we are going to do the same as above, except we will specify the username, this is perfect for whenever you use service accounts.

PS C:\>PS C:\> $cred = Get-Credential "dev-ghost\administrator"
PS C:\> gwmi win32_LoggedOnUser -computer "dev-ghost" -credential $cred

Now let’s do the same as above, but instead of saving our credentials to a variable, we will just use it once and call it inline.

PS C:\> gwmi win32_LoggedOnUser -computer "dev-ghost" -credential "dev-ghost\administrator"

Method 3
I don’t think password should ever be hard coded into scripts, especially ones that can be decrypted. PowerShell provides a SecureString, this is nothing more than a joke. The reason I call it a joke is because anyone can decrypt a SecureString if they know a little bit of PS. But ignorance is bliss right? So let’s get to it…

PS C:\windows\system32\windowspowershell\v1.0> Read-Host -AsSecureString | ConvertFrom-SecureString | Out-File C:\PowerShell\MyPassword.txt

Once you press enter just type in your password, this will save your password to a file called MyPassword.txt. So now that the password is saved as a "SecureString" we can now use these saved credentials.

$password = type C:\PowerShell\MyPassword.txt | ConvertTo-SecureString
$cred = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist “administrator”,$password

and that’s it, your all set to start impersonating your credentials so that you can run scripts or executable under your service accounts.

  1. No comments yet.
  1. May 3rd, 2010 at 17:34 | #1
  2. November 10th, 2019 at 16:52 | #2
  3. November 11th, 2019 at 03:22 | #3
  4. November 11th, 2019 at 04:07 | #4
  5. November 11th, 2019 at 06:09 | #5
  6. November 16th, 2019 at 07:54 | #6
  7. November 16th, 2019 at 20:45 | #7
  8. November 16th, 2019 at 20:48 | #8
  9. November 18th, 2019 at 07:26 | #9
  10. November 18th, 2019 at 08:05 | #10
  11. November 18th, 2019 at 08:59 | #11
You must be logged in to post a comment.