none
use previously exported credentials in powershell RRS feed

  • Question

  • hello guys, 

    i have this script which should run a script block using credentials that have been exported previously 

    $logFile = "C:\xampp\htdocs\backend\script_log.txt"
    start-transcript $logFile
    
    $scriptLoc = "C:\xampp\htdocs\backend"
    #$scriptLoc = $PSScriptRoot
    
    $configFile = join-path $scriptLoc 'config.ps1'
    $remotePS = join-path $scriptLoc 'remote.ps1'
    
    . $configFile
    
    $credsXML = join-path $scriptLoc "creds.xml"
    
    $Credentials = Import-Clixml $credsXML 
    
    Start-Job -ScriptBlock {
        & $remotePS
    } -Credential $Credentials
    
    Stop-Transcript
    

    i am getting this error when running the script, using a bat file which runs with  a different credentials 

    ERROR : 

    **********************
    Windows PowerShell transcript start
    Start time: 20151021135844
    Username: SIS\SYSTEM
    RunAs User: SIS\SYSTEM
    Machine: PC1 (Microsoft Windows NT 6.3.9600.0)
    Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\xampp\htdocs\backend\run_remote.ps1
    Process ID: 3968
    **********************
    Transcript started, output file is C:\xampp\htdocs\backend\script_log.txt
    
    PS>TerminatingError(Import-Clixml): "Key not valid for use in specified state.
    "
    Import-Clixml : Key not valid for use in specified state.
    
    At C:\xampp\htdocs\backend\run_remote.ps1:19 char:16
    + $Credentials = Import-Clixml $credsXML
    +                ~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (:) [Import-Clixml], Cryptographic
       Exception
        + FullyQualifiedErrorId : System.Security.Cryptography.CryptographicExcept
       ion,Microsoft.PowerShell.Commands.ImportClixmlCommand
    

    how can i run the script in background with using different credentials 

    thanks.

    Wednesday, October 21, 2015 10:01 AM

Answers

  • You cannot.  Items encrypted in one account cannot be decrypted using a second account.

    Just runas the script as the account you want.  Don't use stored credentials.


    \_(ツ)_/

    • Marked as answer by Vagho Wednesday, October 21, 2015 11:33 AM
    Wednesday, October 21, 2015 10:07 AM