ActiveRoles Release 7.4 Sample ‘RemoteMailbox’ Script
With the release of ActiveRoles 7.4 a ‘RemoteMailbox’ Sample script has been provided. The ‘RemoteMailbox’ script has been provided as a sample script only, to illustrate the steps required, and should not be used as-is in a production situation without modification and enhancement.
As a sample script, the script contains security credentials that are made visible in clear text.
The use of security credentials within a script in clear text should never be considered appropriate or secure. In testing this script, care and consideration should be given to the authentication and use of credentials, and clear text credentials should not be left in the script once testing is complete.
Although there are multiple ways to secure credentials, the following is just one example of how to secure credentials within this script.
Example 1: Encrypt Password
1. Generate the encrypted password using PowerShell.
$password = read-host -prompt "Enter your Password" write-host "$password is password" $secure = ConvertTo-SecureString $password -force -asPlainText $bytes = ConvertFrom-SecureString $secure $bytes |
2. Copy the generated password and use it in the script as below.
$encrypted = "01000000d08c9ddf0115d1118c7a00c04fc297eb01000000c2ff6c3e15fa9c42ab0a5f8692d8e7290000000002000000000003660000c $user = "" $password = ConvertTo-SecureString -string $encrypted $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $user,$password $ExchangeFQDN = "WIN-IJ7TGIEVM7N.EDC.local" $ExchangeConnectionURI = "http://" + $ExchangeFQDN + "/PowerShell/" $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $ExchangeConnectionURI -Credential $cred Import-PSSession $Session -DisableNameChecking -AllowClobber |
Note: A password that gets encrypted from one machine cannot be decrypted by other machines.
Example 2: Encrypt password for use on multiple machines
1. Create a salt key
$Key = New-Object Byte[] 32 [Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($Key) |
2. Edit the salt key and store it to a variable\file.
$Cred = Get-Credential $Key = (13,129,115,75,63,168,71,9,79,144,39,116,177,167,127,137,206,40,36,24,246,126,223,187,151,62,243,12,17,24,212,236) $Password = $Cred.Password| ConvertFrom-SecureString -Key $key Here $key is generated from step 1 $password is the final encrypted password |
4. This encrypted password can be decrypted by any computer in along with the salt key and can be used with any script.
Example program is shown below.
$pass ="76492d1116743f0423413b16050a5345MgB8AGwAdwB2ADgAYwBnAG0AOQBTAGkARAB0ACsARgByAGIAaQBHAGoAYgBNAHc APQA9AHwAOABmADIAYwBkAGMAZgA1AGUAYgA4ADYAMwBhAGMAYQBjAGYAMwBkAGYANQA5ADQAMQAyAGYAOABiADAANwA1 ADkAOQA4ADcAMwBkAGIAMgAyADMAZQBhADcAOQBmADAAMgA1ADUANAAxADkAOAA5ADQANA BkADMAMgA1ADUAMgA=" $Key = (13,129,115,75,63,168,71,9,79,144,39,116,177,167,127,137,206,40,36,24,246,126,223,187,151,62,243,12,17,24,212,236) $user = "edc1\administrator" $password =$pass | ConvertTo-SecureString -Key $Key $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $user,$password $ExchangeFQDN = "WIN-IJ7TGIEVM7N.EDC.local" $ExchangeConnectionURI = "http://" + $ExchangeFQDN + "/PowerShell/" $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $ExchangeConnectionURI -Credential $cred Import-PSSession $Session -DisableNameChecking -AllowClobber |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center