Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Protecting Credentials Retrieved using @cyberark AAM Credential Providers in PowerShell Scripts [Recommended Best Practice]
# Import the modules to be used
Import-Module psPAS # https://github.com/pspete/psPAS
Import-Module CredentialRetriever # https://github.com/pspete/CredentialRetriever
# Before login, we'll request the credentials from AAM and immediately pass the PSCredential object for secure login
New-PASSession -BaseURI https://pvwa.joegarcia.dev -Credential $(Get-CCPCredential -URL https://pvwa.joegarcia.dev -AppID ApplicationID -Safe SafeName -UserName ServiceManagerUser).ToCredential() -type LDAP
# Do stuff here...
# Finally,
Close-PASSession

Prior to Deployment

You will want to be sure to protect the source code of the script by creating an executable out of it.

This will prevent someone from being able to step through the code in debug.

I recommend using PS2EXE-GUI from TechNet to further obfuscate the source code and modifications to it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment