Export-PrivateVault
Hi, I am looking for a solution to be able to move a lot of users from existing DVLS data source to a new one.
I don't wont to write instructions to users how to export the private vault and import it (and not include credentials, setting a weak passwords, files lying around), is there a way to script Get-RDMPrivateSession to dump the whole private vault in way to be able to import it?
All Comments (2)
Hello @RokB,
If what you want is a script that an admin could run to execute an export-import of all other users' private vault contents at once, this won't be possible, since admins can't access other users' private vaults. However, if a script that an individual user could run (which would avoid the mistakes you mentioned) would be fine with you, you can try the following:
$tempFile = "C:\mypath\vault-migration.rdm"
# Auto-generate a cryptographically random password
$randomBytes = [System.Security.Cryptography.RandomNumberGenerator]::GetBytes(32)
$password = [Convert]::ToBase64String($randomBytes) | ConvertTo-SecureString -AsPlainText -Force
# Source data source
Get-RDMDataSource -Name "Source DVLS" | Set-RDMCurrentDataSource
$entries = Get-RDMEntry -VaultMode User
if (-not $entries) {
Write-Host "No private vault entries found."
return
}
Export-RDMSession -XML -IncludeCredentials -Path $tempFile -Sessions $entries -Password $password
# Target data source
Get-RDMDataSource -Name "Target DVLS" | Set-RDMCurrentDataSource
Import-RDMEntry -Path $tempFile -Password $password -VaultMode User -Set
Remove-Item $tempFile -Force
The users would have to run this themselves, but it would avoid the failure modes you mentioned. It includes credentials by default, generates a strong password (a long, random string like IBMvhKTI0lo+peDi6Pnppvrm9bBBqChDm72M0dEFrPY=), and deletes the file automatically after.
Best regards,
Christian
Testing the script, looks very promising, thank you Christian!
I will report back if I get it working
Best regards,
Rok