153 lines
5.7 KiB
PowerShell
153 lines
5.7 KiB
PowerShell
function Find-CredentialStoreItem {
|
|
<#
|
|
.SYNOPSIS
|
|
Locates a CredentialStoreItem in any CredentialStore from a given remote host item.
|
|
|
|
.DESCRIPTION
|
|
Find the credential object and return it as PSCredential object.
|
|
|
|
.PARAMETER RemoteHost
|
|
Specify the host, for which you would like to find the credentials.
|
|
|
|
.PARAMETER Identifier
|
|
Provide a custom identifier to the given remote host key. This enables you to store multiple credentials
|
|
for a single remote host entry. For example ad/sys1, ftp/sys1, sql/sys1
|
|
|
|
.PARAMETER Type
|
|
Influence in which types of CredentialStore this function will look for a object. List of possible types:
|
|
- All (include private and shared CredentialStore) - this is also the default.
|
|
- Private (only look in a private CredentialStore)
|
|
- Shared (only look in the shared CredentialStore)
|
|
|
|
.INPUTS
|
|
[None]
|
|
|
|
.OUTPUTS
|
|
[System.Management.Automation.PSCredential]
|
|
|
|
.EXAMPLE
|
|
$Credential = Find-CredentialStoreItem -RemoteHost 'support.komm-one.net' -Type 'All'
|
|
|
|
.EXAMPLE
|
|
$params = @{
|
|
RemoteHost = 'support.komm-one.net'
|
|
Type = 'Private'
|
|
Identifier = 'PersonId'
|
|
}
|
|
$Credential = Find-CredentialStoreItem @params
|
|
#>
|
|
|
|
[CmdletBinding()]
|
|
|
|
param(
|
|
[Parameter(Mandatory = $true)]
|
|
[ValidateNotNullOrEmpty()]
|
|
[string] $RemoteHost,
|
|
|
|
[Parameter(Mandatory = $false)]
|
|
[string] $Identifier,
|
|
|
|
[Parameter(Mandatory = $false)]
|
|
[ValidateSet('All', 'Private', 'Shared')]
|
|
[string] $Type = 'All'
|
|
)
|
|
|
|
begin {
|
|
# Define some defaults for the PreferenceVariables.
|
|
$ErrorActionPreference = 'Stop'
|
|
$InformationPreference = 'Continue'
|
|
$WarningPreference = 'Continue'
|
|
$ProgressPreference = 'SilentlyContinue'
|
|
|
|
# Construct the CredentialStore list, based on what $Type says.
|
|
switch ($Type) {
|
|
'All' {
|
|
$CredentialStoreList = @('Private', 'Shared')
|
|
break
|
|
}
|
|
'Private' {
|
|
$CredentialStoreList = @('Private')
|
|
}
|
|
'Shared' {
|
|
$CredentialStoreList = @('Shared')
|
|
}
|
|
}
|
|
}
|
|
|
|
process {
|
|
# Now go and look for the CredentialStoreItem.
|
|
foreach ($Store in $CredentialStoreList) {
|
|
# First make sure, that the CredentialStore exists. Sadly I don't have a way to solve this any better
|
|
# programmatically, as PowerShell behaves oddly, if you try and pass an empty splatting to a function.
|
|
Write-Verbose -Message ('Checking if CredentialStore of type {0} exists' -f $Store)
|
|
|
|
if ($Store -eq 'Private') {
|
|
if (-not (Test-CredentialStore)) {
|
|
Write-Warning -Message ('CredentialStore of type {0} not found, skipping ahead' -f $Store)
|
|
continue
|
|
}
|
|
}
|
|
elseif ($Store -eq 'Shared') {
|
|
if (-not (Test-CredentialStore -Shared)) {
|
|
Write-Warning -Message ('CredentialStore of type {0} not found, skipping ahead' -f $Store)
|
|
continue
|
|
}
|
|
}
|
|
else {
|
|
Write-Error -Message ('Invalid CredentialStore type {0} supplied' -f $Store)
|
|
continue
|
|
}
|
|
|
|
# Now that we're here, means we have tested the CredentialStore for existence. We can check, if it
|
|
# contains a CredentialStoreItem that we are looking for.
|
|
$params = @{
|
|
RemoteHost = $RemoteHost
|
|
}
|
|
|
|
# Check if the user passed -Identifier, then we add it to the splatting.
|
|
if (-not [string]::IsNullOrWhiteSpace($Identifier)) {
|
|
$params.Add('Identifier', $Identifier)
|
|
}
|
|
|
|
# Check the CredentialStore type we're currently looking at.
|
|
if ($Store -eq 'Shared') {
|
|
$params.Add('Shared', $true)
|
|
}
|
|
|
|
# Now check if the CredentialStoreItem exists
|
|
$message = 'Checking if CredentialStoreItem {0}/{1} exists in CredentialStore {2}'
|
|
$argumentlist = @($RemoteHost, $Identifier, $Store)
|
|
Write-Verbose -Message ($message -f $argumentlist)
|
|
|
|
if (Test-CredentialStoreItem @params) {
|
|
$message = 'Looking up CredentialStoreItem {0}/{1} from CredentialStore {2}'
|
|
$argumentlist = @($RemoteHost, $Identifier, $Store)
|
|
Write-Verbose -Message ($message -f $argumentlist)
|
|
|
|
try {
|
|
Write-Information -MessageData ($message -f $argumentlist)
|
|
# Read the CredentialStoreItem from the CredentialStore and store it in $CredentialObject
|
|
$CredentialObject = Get-CredentialStoreItem @params
|
|
|
|
# Now finish the loop, as we've found what we're looking for.
|
|
break
|
|
}
|
|
catch {
|
|
$_.Exception.Message | Write-Warning
|
|
$message = 'Unable to read CredentialStoreItem {0}/{1} from CredentialStore {2}'
|
|
$argumentlist = @($RemoteHost, $Identifier, $Store)
|
|
|
|
Write-Warning -Message ($message -f $argumentlist)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
end {
|
|
# Only if we've found a CredentialStoreItem above, return it back to the caller.
|
|
if ($null -ne $CredentialObject) {
|
|
$CredentialObject
|
|
}
|
|
}
|
|
}
|