Many times there is a need to store password in PowerShell script. Unfortunately to leave password in script is insecure solution and might cause an issue.

So, what to do if there is a need to have password in a script and we don’t want to have it embedded in clear-text in script?

Best way is to encrypt it and store in the file and then re-use it when required.

Create file with encrypted password

$secureString = Read-Host -AsSecureString "Enter a secret password"
$secureString | ConvertFrom-SecureString | Out-File C:\Scripts\storedPassword.txt

Use encrypted password in script

$secureString = Get-Content -Path C:\Scripts\storedPassword.txt | ConvertTo-SecureString

If you want to replace string in multiple files name you can simply use PowerShell for that.

Dir -Recurse | Rename-Item -NewName { $_.name -replace "file","name-of-file" }

I use SecureCRT quite often to access Linux systems as well as network devices.

When going through one of the presentations on SecureCRT web page I found handy tip how to configure session logs to have it divided by date, time and session.

Screenshot below demonstrates settings for log file:

Basically parameters are set to:

• Log file name: %Y-%M-%D–%h-%m-%s.%t__%S(%H).txt
• Options / Start log upon connect: checked
• Custom log data / On each line: %h:%m:%s(%t):

These settings will create separate log file for each session every time connection will be established.

In addition to that each line will start with timestamp added by SecureCRT.

If there is a need to pass specific credentials to Get-WmiObject in order to gather information from remote machine, here is how you can do it:

$LAdmin = "DOMAIN\Administrator"
$LPassword = ConvertTo-SecureString "Password!" -AsPlainText -Force
$Credentials = New-Object -Typename System.Management.Automation.PSCredential -ArgumentList $LAdmin, $LPassword

Once $Credentials object is created you can easily use it to gather information from remote PC:

Get-WmiObject -ComputerName $computername -Class Win32_VideoController -Namespace "root\cimv2" -Credential $Credentials

During mass reainstallation/redeployment/migration of large number of PCs, always question about applications is raised.

How to deploy/deliver applications once all machines are resintalled?

If you have SCCM in the infrastructure, this might help a lot with automation. All you need is mapping between computer name and applications (to be more specific collection ids) and PowerShell console on SCCM server.

Then you just need to prepare input files for the script below and you can automate application deployment on mass scale.

(more…)

Some handy wmic commands which might be helpful when automating OS deployment:

wmic bios get serialnumber
wmic computersystem get manufacturer
wmic computersystem get model