Create Private Vault Credential Entries from Powershell Script
I am currently working on making a Win10Enterprise image for our laptops, and as part of that, setting up RDM. For all our existing users, they already have their Private Vault credentials setup and will not need to do this again.
However, for new users, I need a simple way to create all the required Private Vault credentials we use. Ideally, this would be in the form of some script in RDM that gets run for each new user as part of onboarding.
I can see that there is the New-RDMSession powershell command, but I am unsure if it is able to create entries in the Private Vault?
Alternatively, is there a way to make "User Templates" that can be used for creating new users that will already have these Private Vault credentials created?
All Comments (9)
Hello,
It is possible to save an entry in the user's private vault using the Set-RDMPrivateSession PowerShell cmdlet instead of using Set-RDMSession. Be sure that when using the New-RDMSession, you will not use the -SetSession switch to save it in the shared vault.
About the user templates, it is not possible to create entries in the Private Vault on user account creation using a template. You need to do it using a script.
Finally, I will move this thread in the PowerShell section.
Best regards,
Érica Poirier
Thanks, Erica!
I missed that one when going through all the commands... Your help is greatly appreciated!
How can I set a password to the new credential ?
Hello,
You can use the Set-RDMSessionPassword cmdlet to set a password on a credential entry. The entry must already exist in the vault before being able to set the password.
Best regards,
Érica Poirier
When I use the Set-RDMSessionPassword, the credential is created in the public vault and not in my pivate vault.
This is my script :
$session = New-RDMSession -Name "Test" -Type Credential
$session.HostUserName = "username"
$session.HostDomain ='$MACHINE_DOMAIN$'
Set-RDMPrivateSession $session -refresh
Set-RDMSessionPassword -ID $session.id -Password (Read-Host -AsSecureString "Password")
Has anyone ever had the same problem?
Hi,
To set the password in an entry in the private vault using Set-RDMSessionPassword you need to use the Session parameter.
For example:[font="Helvetica Neue"]$session = New-RDMSession -Name “PrivateTest” -Type RDPConfigured[/font][font="Helvetica Neue"]Set-RDMSessionUsername -Session $session -Username “username”[/font]Set-RDMSessionDomain -Session $session -Domain '$MACHINE_DOMAIN$'Set-RDMSessionPassword -Session $session -Password (Read-Host -AsSecureString "Password" )Set-RDMPrivateSession $session -Refresh[font=Verdana][/font]
We have been able to reproduce your issue with Set-RDMSessionPassword when using the ID parameter. A ticket about it has been opened.
Best regards,
Olivier Désalliers
Old post, sorry for thread mining.
I'm just wondering if there is anyway that I can use PowerShell to update a password in each users private vault?
We use another tool to generate users admin passwords, and I'd like these changed regularly. I was looking at writing a script that could extract User A's credentials from the first tool, then update their saved password in their Private Vault.
Or can I only use PowerShell to update my own private vault?
TIA!
Hello,
You can only update your own Private Vault.
A workaround would to ask all users to run the same script on their own Private Vault as long as the entry's name is the same for every one.
Best regards,
Érica Poirier