locked
Leveraging secure credentials to run an executable in a powershell script RRS feed

  • Question

  • I am trying to replace a batch file that runs an automated upload process with a PowerShell script that provides better security. Currently, the executable in the batch file is run with credentials that are displayed in clear text as part of a switch. I am new to PowerShell and am having difficulty understanding how to call these credentials and apply them to the executable file I am trying to run. There seem to be a lot of posts about applying saved credentials to cmdlets, but little about working with executables. Below is a copy of my current script.

    $credPath = 'D:\Temp\axupload.txt'
    $fileCred = Import-CliXml -Path $credPath
    & 'D:\Program Files (x86)\XtenderSolutions\Content Management\IndexImageImport.exe' -Credential $fileCred --% /A HR_PERSONNEL_OPTION1 /S "HR_PERSONNEL" /F "\\imageserver1\aximport\HR\Weekly_Upload\WCHR10B.AppXtender.20180928.txt" /Q

    The error message I receive is below. It specifically relates to passing through the /u userid and /w password switches to the executable. I am trying to do this by calling the credential file I have already created and saved, but this is not working so there must be a different way to accomplish this. Maybe, as an argument?

    Application error message

    Below is the key command line from the batch file. I have redacted the username and password with XXXX's. "D:\Program Files (x86)\XtenderSolutions\Content Management\IndexImageImport.exe" /U XXXX /W XXXXXXXXXXXX /A HR_PERSONNEL_OPTION1 /S "HR_PERSONNEL" /F "\imageserver1\aximport\hr\WCHR10A.AppXtender.Updated.TXT"

    Any suggestions would be appreciated. Thanks,

    Tuesday, October 2, 2018 10:10 PM

Answers

  • An alternate approach would be to store the batch file in a directory with restricted permissions.

    This is by far the easiest approach and requires no change to your script.


    -- Bill Stewart [Bill_Stewart]

    Wednesday, October 3, 2018 3:54 PM

All replies

  • Obviously, -Credential is not a valid option for your executable - take a look at the help screen you posted (there's no -Credential option there).


    -- Bill Stewart [Bill_Stewart]

    • Proposed as answer by BOfH-666 Tuesday, October 2, 2018 11:46 PM
    Tuesday, October 2, 2018 10:20 PM
  • Yes exactly, that's why I am posting it to the Forum.  I am looking for ideas for alternate approaches that allow me to provide greater security than just plain text credentials in a batch file.
    Wednesday, October 3, 2018 1:42 PM
  • An alternate approach would be to store the batch file in a directory with restricted permissions.

    This is by far the easiest approach and requires no change to your script.


    -- Bill Stewart [Bill_Stewart]

    Wednesday, October 3, 2018 3:54 PM