Remove Credentials

Hello, I’ve written a PS script that logs on to a fileshare, and then open an excel file. My local userid has no access to the fileshare so the script will pick up the credentials from a XML file that’s been created using the following PS command.

Get-Credential | Export-Clixml -Path C:\temp${env:USERNAME}_cred.xml

The actual script that connects to the fileshare and open an excel file.

$cred = Import-Clixml -Path C:\temp${env:USERNAME}_cred.xml
$file=“\UNC path_to_fileshare”
New-PSDrive -Name uncpath -PSProvider filesystem -Root $file -Credential $cred
invoke-Item uncpath:“file.xlsx”

This works as I it should,but there is one thing that I’m not happy with, after I close the Excel file I want the credentials to accessing the file share to “go away”, which they don’t. As long as I’m logged on I can access everything on that spesific server that my userid are allowed to do.Do anyone know how if it’s possible to restrict the credentials to only work for that session, or if there’s any command I can add to the script that removes the credentials, I guess they get cached somewhere withinn windows

Kind regards

OddA

may be net use $file /delete ?

Soory, that didn’t work, if using “net use” the share doesn’t even shows. Within the PS session I can see the drive if I use get-psdrive, but it won’t show outside of the session,

Remove-psdrive, remove-variable cred? or just overwrite cred. $cred = $null

The import-clixml is only going to work for the user/computer that generated it.

Using the Remove-PSDrive cmdlet in the same session should do the trick.

I’ve tried different approaches for this, but it seems like when I first add the credentials for this the “hang around” until logoff, if I try within PS to do a dir uncpath: it will show what’s in that folder, if I try to to do that in another PS session it says drive does not exist, which is correct. If i,in the original ps session, do remove-psdrive uncpath and then try dir uncpath: it also say drive not found. But if I try to load the Excel file from my desktop after I’ve done this part of the script

$cred = Import-Clixml -Path C:\temp${env:USERNAME}_cred.xml
$file=“\UNC path_to_fileshare”
New-PSDrive -Name uncpath -PSProvider filesystem -Root $file -Credential $cred

the excel file will open without asking for credentials, also it will open if I close the PS windows, or of I add
remove-psdrive uncpath to the script.
my guess is that the credentials are cached by windows, and then can be reused outside the powershell session.

it seems that sessions cached inside .net

 D:\> new-psdrive -name nano -PSProvider FileSystem  -Root '\\nanoserver\c$' -Credential $c

Name           Used (GB)     Free (GB) Provider      Root                                                         CurrentLocation
----           ---------     --------- --------      ----                                                         ---------------
nano                                   FileSystem    \\nanoserver\c$

 D:\> dir \\nanoserver\c$

    Directory: \\nanoserver\c$

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
d-----       30.11.2016     20:27                Program Files
d-----       16.07.2016     15:09                Program Files (x86)
d-r---       30.11.2016      1:25                Users
d-----       30.11.2016     20:31                Windows


 D:\> Remove-PSDrive nano
 D:\> dir \\nanoserver\c$

    Directory: \\nanoserver\c$

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
d-----       30.11.2016     20:27                Program Files
d-----       16.07.2016     15:09                Program Files (x86)
d-r---       30.11.2016      1:25                Users
d-----       30.11.2016     20:31                Windows

 D:\> get-psdrive

Name           Used (GB)     Free (GB) Provider      Root                                                         CurrentLocation
----           ---------     --------- --------      ----                                                         ---------------
Alias                                  Alias
C                  85,95         25,83 FileSystem    C:\                                                            Users\MKozlov
Cert                                   Certificate   \
D                 388,20         77,57 FileSystem    D:\
Env                                    Environment
Function                               Function
HKCU                                   Registry      HKEY_CURRENT_USER
HKLM                                   Registry      HKEY_LOCAL_MACHINE
K                   5,68          9,28 FileSystem    K:\
V                                      FileSystem    V:\
Variable                               Variable
vi                                     VimInventory  \LastConnectedVCenterServer
vis                                    VimInventory  \
vmstore                                VimDatastore  \LastConnectedVCenterServer
vmstores                               VimDatastore  \
WSMan                                  WSMan

 D:\> dir \\nanoserver\c$

    Directory: \\nanoserver\c$

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
d-----       30.11.2016     20:27                Program Files
d-----       16.07.2016     15:09                Program Files (x86)
d-r---       30.11.2016      1:25                Users
d-----       30.11.2016     20:31                Windows

 D:\> [gc]::collect()
 D:\> [gc]::collect()
 D:\> dir \\nanoserver\c$
    Directory: \\nanoserver\c$

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
d-----       30.11.2016     20:27                Program Files
d-----       16.07.2016     15:09                Program Files (x86)
d-r---       30.11.2016      1:25                Users
d-----       30.11.2016     20:31                Windows

 D:\> start-sleep -sec 60
 D:\> dir \\nanoserver\c$
dir : Cannot find path '\\nanoserver\c$' because it does not exist.
At line:1 char:1