Re: embedding passwords in scripts? Is there a better way? (274 Views)
Reply
Occasional Contributor
jbagley2
Posts: 11
Registered: ‎07-09-2013
Message 1 of 3 (326 Views)

embedding passwords in scripts? Is there a better way?

There are several scenarios where I need to execute a script that requires a password to an external system.  Is there a recommended best practice for doing this?

 

The current need is to join a windows computer to the domain, which is very common.  But, there are other scenarios where credentials are needed.

 

If this is covered in the documentation somewhere I missed it.  I have tried to use the powershell PSCredential object to store encrypted credentials with mixed results.

 

Any help would be appreciated!

 

thanks!

 

-james

 

Occasional Contributor
jbagley2
Posts: 11
Registered: ‎07-09-2013
Message 2 of 3 (274 Views)

Re: embedding passwords in scripts? Is there a better way?

We decided that securing the folder the script lives in inside of HP-SA is sufficient for scripts that require stored credentials.  We'll limit exposure by using credentials that only have the priviliges needed for the task at hand.

 

However, a follow up question specific to joining a windows machine to a domain.  I have two powershell scripts to do this, the first one renames the system and reboots.  The second script joins the system to the domain and reboots.  The problem is that HPSA seems to execute the second script before the first one completes.  The error I get from the second script is that it failed to run because the system is shutting down.  Clearly undesirable.

 

But, how do I tell HP-SA that a script is going to reboot the server and the next script should delay execution?

 

thanks,

 

-james

 

Occasional Contributor
jbagley2
Posts: 11
Registered: ‎07-09-2013
Message 3 of 3 (256 Views)

Re: embedding passwords in scripts? Is there a better way?

Ok, to answer my own question.  The script that needs the server to be restarted needs to print a specific string back to HP-SA to indicate a forced reboot.  For powershell it looks like this:

 

write-host "OPSW_FORCE_REBOOT";
Restart-Computer;

 

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.