0

i have a function in a Powershell module which should establish a database session with SimplySql. SimplySql takes a credential object. Now i have several problems, to send the password into the function. What i tried:

  1. When using a [string]$password parameter i get the warning "Parameter '$password' should use SecureString, otherwise this will expose sensitive information". Makes absolute sense, so i changed the param to securestring.

  2. I created the secure string with "$SecurePassword = "myPassword" | ConvertTo-SecureString -AsPlainText -Force", imported the module again and called the function. Now i get the following message: Cannot process argument transformation on parameter 'Password'. Cannot convert the "System.Security.SecureString" value of type "System.String" to type "System.Security.SecureString". I checked the SecureString with $myLocalSecString.GetType(), and "yes" its a Secure String.

  3. Because i didn't found any solution for that, i tried to set [PSCredential]$cred as input object. I created the object with [pscredential]$_credObject = New-Object System.Management.Automation.PSCredential ("myusername", $SecurePassword). When i call the function now, i get the following message:

PowerShell credential request
Enter your credentials.
Password for user System.Management.Automation.PSCredential:

I think i created the SecureString on a wrong way in scenario 2 and 3, but i didn't what i doing wrong. The script should work on Powershell Core.

Would be great to get a good hint here.

Thanks in advance

Dave

David Koenig
  • 141
  • 2
  • 10
  • 1
    "SimplySql takes a credential object" - can you elaborate on this? If the target module accepts a `[pscredential]`, then the best thing you can do is to accept one as well and pass it on to the module as-is, never touch the plaintext password – Mathias R. Jessen May 14 '21 at 20:05
  • Yes, SImplySql takes an credential object. I tried to create this and give that to my function as describes above (Bullet number 3). But then i get a prompt to enter my password manual. – David Koenig May 16 '21 at 10:00
  • Can you please show the full script that creates the credential object an calls the script/function? There must be something missing – Mathias R. Jessen May 16 '21 at 10:08
  • Hi, sorry for the delay, had vacation ;-). @Ma – David Koenig May 18 '21 at 17:50

1 Answers1

1

sorry for the delay, had vacation ;-). I tried it again now to provide you with a complete code sample. I don't what i changed, but know its working. I was really sure, that i created it with

$_secString = ConvertTo-SecureString "test" -AsPlainText -Force
[pscredential]$_credObject = New-Object System.Management.Automation.PSCredential("mydbuser", $_secString)

the last time. I did it with the same command today and it works. Strange. Mea culpa to stole your time....

Really strange.

Mathias R. Jessen
  • 157,619
  • 12
  • 148
  • 206
David Koenig
  • 141
  • 2
  • 10