by lunarg on January 31st 2017, at 15:55

When using credentials in Powershell, you usually use Get-Credential, which essentially creates PSCredential objects. Creating such an object prompts the user to enter a username and password, which is not really usable in unattended scripts. There's a method where you can specify an unencrypted password but this is not secure. Fortunately, there's also a method where you can store the encrypted password in a file and use it to set the password.

To create a password file, run this from a Powershell window:

Read-Host -AsSecureString | ConvertFrom-SecureString | Out-File path-to-file

You will not get a real prompt: simply type the password will show * in the console. Type the password twice, pressing Enter, and the encrypted password will be saved.

In your scripts, you can then create PSCredential objects, specifying a username and using the contents of the file as a encrypted password:

$MyUser = "domain\user"
$MyPassword = cat path-to-file | ConvertTo-SecureString
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $MyUser, $MyPassword

This creates the PSCredential object $cred which can be used in many cmdlets requiring the use of credentials.