04-17-2014 10:49 AM
There are several scenarios where I need to execute a script that requires a password to an external system. Is there a recommended best practice for doing this?
The current need is to join a windows computer to the domain, which is very common. But, there are other scenarios where credentials are needed.
If this is covered in the documentation somewhere I missed it. I have tried to use the powershell PSCredential object to store encrypted credentials with mixed results.
Any help would be appreciated!
04-21-2014 09:08 AM
We decided that securing the folder the script lives in inside of HP-SA is sufficient for scripts that require stored credentials. We'll limit exposure by using credentials that only have the priviliges needed for the task at hand.
However, a follow up question specific to joining a windows machine to a domain. I have two powershell scripts to do this, the first one renames the system and reboots. The second script joins the system to the domain and reboots. The problem is that HPSA seems to execute the second script before the first one completes. The error I get from the second script is that it failed to run because the system is shutting down. Clearly undesirable.
But, how do I tell HP-SA that a script is going to reboot the server and the next script should delay execution?
04-28-2014 01:55 PM
Ok, to answer my own question. The script that needs the server to be restarted needs to print a specific string back to HP-SA to indicate a forced reboot. For powershell it looks like this:
write-host "OPSW_FORCE_REBOOT"; Restart-Computer;