Hi Scripting guys, Help me pls in my task:
I have Pull Server and clients in my Workgroup env. On client site allow only Certificate Authenticate by WinRM. All works fine but in the case, when the build administrator credential need to change I should recreate WinRM settings with help command below:
New-Item -Path "WSMan:\localhost\ClientCertificate" -Credential $(Get-Credential) -Subject 'pullserver.mydom.com' -URI * -Issuer '18B10C2E8F7E8FC0F2F04BE230CABFDAB63CFB04' -Force
This command works but I should perform it on each of node manually.
I tried to automate this process but I can write script only include plain-text password, like :
Script CreateCertAuth
{
SetScript = {
$temp = @"
`$securePass =`$null
`$myCreds = `$null
`$userName = "Administrator"
`$pass = "Passw0rd"
`$securePass = ConvertTo-SecureString –String `$pass –AsPlainText -Force
`$myCreds = New-Object System.Management.Automation.PSCredential (`$userName, `$securePass)
Get-ChildItem WSMan:\localhost\ClientCertificate | ?{`$_.keys -eq "Subject='pullserver.mydom.com "} | Remove-Item -Recurse
New-Item -Path WSMan:\localhost\ClientCertificate -Credential `$myCreds -Subject 'pullserver.mydom.com ' -URI * -Issuer '18B10C2E8F7E8FC0F2F04BE230CABFDAB63CFB04' -Force
"@
& Invoke-Expression -Command $temp
}
How I can change my script without any playn-text information ($userName, $pass), is it possible?
I would like to give something like:
$cred = Get-credential New-Item -Path WSMan:\localhost\ClientCertificate -Credential $cred -Subject 'pullserver.mydom.com ' -URI * -Issuer '18B10C2E8F7E8FC0F2F04BE230CABFDAB63CFB04' -Force