Powershell use $PASSWORD$ in script not working

Hi Sander,

in the PowerShell Session go to Security and enable "Allow Pasword in variable" - then the password variable should also work ;)

Please check also in the Data Source Settings => Password Policy section the Disable password variable for all sessions setting

PS.: A good test for resolving variables you can find here

Regards,
Min

Thanks! Sorry to ask such a stupid question. Nevertheless i found out that 'embedded script' is not working for me. I created this simple script:


param (
[Parameter(Mandatory=$true)][string]$u,
[Parameter(Mandatory=$true)][string]$p
)

$username = $u
$SecurePassword = ConvertTo-SecureString -String $p -AsPlainText -Force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $SecurePassword
Login-AzureRmAccount -Credential $cred


When i paste in the RDM tool it looks nice; but when i Save and try to run it doenst work. When i edit the command all looks well ; but then when I copy paste to notepad and put encoding to ANSI you see issue's => Â apprearing in the text:


param (
[Parameter(Mandatory=$true)][string]$u,
[Parameter(Mandatory=$true)][string]$p
)

$username =Â $u
$SecurePassword = ConvertTo-SecureString -String $p -AsPlainText -Force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $SecurePassword
Login-AzureRmAccount -Credential $cred


in attachment you can find a printscreen of the issue.



I can point to a external file but i would prefer to put my script really inside the tool. it there a way to save the ps1 file in the tool and point to it ; like you can do with a phonebook?


(PS: we use Azure SQL as datasource)

Hi,

don`t worry - I have never read or heard a stupid question! ;) RDM offers such so many feature - it`s nearly impossible to know all the granular settings :)

Could you try if the attached session works? (Just replace the username and password in the session details) If not, could you create a local datasource and import within?

I also use embedded scripts without any issues.. what RDM version are you using?

Regards,
Min

The attachment doesn't contain and Powershell script. It work but does nothing ;)
Edit in notepad shows:


<?xml version="1.0"?>
<ArrayOfConnection>
<Connection>
<PowerShell />
<AllowPasswordVariable>true</AllowPasswordVariable>
<ConnectionType>PowerShell</ConnectionType>
<ID>73e50b74-2c1f-4ef4-aaaf-3a3ea091cab2</ID>
<Name>Powershell TEST - Script</Name>
<OpenEmbedded>true</OpenEmbedded>
<Stamp>14ecb3bf-8b7f-4594-9d36-611a5a8527e0</Stamp>
</Connection>
</ArrayOfConnection>

Hello Sander,

Sorry my fault ;)

here the lines:

$username = '$USERNAME$'
$p = '$PASSWORD$'

$SecurePassword = ConvertTo-SecureString -String $p -AsPlainText -Force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $SecurePassword
Login-AzureRmAccount -Credential $cred

Regards,
Min

This works indeed (after adding checkbox for 'run as admin' and '64 bit'). It does run externally instead of in an embedded window tho (cant seem to find out why)

Hi Sander,

for the embedded please check the Display setting (top of the session properties) - It should not be necessary to choose Run as Admin - Did you receive a error message without this option?

Here my settings:


Regards,
Min

Run as admin is indeed not needed ; it was also the reason the window is external. I added the admin part because i received and error in my first try (was because 32bit execution policy was not applied - only on my 64 bit version) => also the reason i need it to be 64 bit.

Thanks for the suport.


Final question: embedded script with parameters are not working? This causes the weird characters to be added?

Hi, it would also be run with parameters - but as I understand your scenario it is not necessary. Your goal is to run the powershell session with credentials from the private vault?

So you can set up the session like this: Credentials: None ; Then instruct every user to use the User Specific Settings to link their own credentials to the session.
Now every user would be automatically authenicated without any additional input.

However, if you want that the user must be interact, this would be the lines that could work:

param (
[Parameter(Mandatory=$true)][string]$u,
[Parameter(Mandatory=$true)][string]$p
)

$username = '$u'

$SecurePassword = ConvertTo-SecureString -String $p -AsPlainText -Force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $SecurePassword
Login-AzureRmAccount -Credential $cred

P.S.: If you replace in line with $cred the $username variable with $u, you can remove line 5 ($username = ...)

Regards,
Min

Hey,

We try to automate the startup for a azure VM. We have lots of dev environment which we need to be able to turn on / off.
So the main goal would be:
> generate general scripts (for example to start a azure VM) ; parameters are credentials + Azure subscription + Resource Name + VM name
> use credential from PRIVATE VAULT (each user makes his own credential) and use lookup from private vault.

We like to keep user custom/specifc stuff in the private vault ; alto we could use a "credential entry" in general which a user needs to override with his/her own credentials.

question: credentials in private vault and/or personal overrides can't be seen by anyone except the user him/herself? Not even by RDM admins?
(we like to keep personal credentials really personal)


Issue's:
=> parameters don't work
=> embedded script cant be shared between entries (would be nice to upload a script, and use it from different entries) ; entries should just set parameters