1. 首页
  2. 问答
  3. 带有-Credential的Enter-PSSession在ScriptBlock内仍然提示输入凭据

带有-Credential的Enter-PSSession在ScriptBlock内仍然提示输入凭据

2014-04-02 18 views
0

我有一个脚本,它使用Enter-PSSession自动将用户登录到远程PowerShell会话中。我创建了新对象System.Management.Automation.PSCredential的-Credential。如果它不在ScriptBlock中,这很好用。当我把它放在脚本块中时,它会在我尝试连接时提示我输入凭据,但我不知道为什么。带有-Credential的Enter-PSSession在ScriptBlock内仍然提示输入凭据

我该如何使它在ScriptBlock内工作?

$userADPW = "password" 

$userAD = "john" 

$servip = "Server2K81.homelab.com" 

$PassSec = ConvertTo-SecureString $userADPW -AsPlainText -Force 

$credentialPS = New-Object System.Management.Automation.PSCredential ($userAD,$PassSec) 

Start-Job -ScriptBlock {param($psip,$CredentialPS2) Start-Process powershell -Argumentlist '-noexit',"Enter-PSSession -ComputerName $psip -Credential $CredentialPS2" -passthru -Wait} -ArgumentList $servip,$credentialPS

来源

2014-04-02 John Smithman

+2

您无法将'PSCredential'对象传递到命令行中。命令行参数必须是文本,而不是.NET对象。 –

+0

如果您在-runas参数中使用John的凭据创建了自定义委派会话,这会不会更容易? – mjolinor

+0

@ mjolinor,我会怎么做? –

回答

2

要确保你明白:此变通办法将在“StartInfo的”该进程离开(编码)密码,直到它关闭 - 这样的机器上什么都可以读取密码(也可能是解密) 。

$userADPW = "password" 

$userAD = "john" 

$servip = "Server2K81.homelab.com" 

$PassSec = ConvertTo-SecureString $userADPW -AsPlainText -Force 

$credentialPS = New-Object System.Management.Automation.PSCredential ($userAD,$PassSec) 

Start-Job -ScriptBlock { 
    param($psip,$CredentialPS2) 
    Start-Process powershell -Argumentlist '-noexit',"&{ 
    `$Credential = New-Object System.Management.Automation.PSCredential '$($CredentialPS2.UserName)', (ConvertTo-SecureString '$(ConvertFrom-SecureString $CredentialPS2.password)') 
    Enter-PSSession -ComputerName '$psip' -Credential `$Credential 
    }" -passthru -Wait 
} -ArgumentList $servip,$credentialPS

来源

2014-04-03 01:03:27 Jaykul

相关问题

 相关问题