how to use store azure vault in powershell script for getting PS Credential argument

Richkm 146 Reputation points
2022-03-10T09:59:01.897+00:00

Hello, I am working to rename the computer. For that I am using a stored Azure vault secret to hold the password, then retrieving it, and I will use this value to pass as an argument to the Rename-Computer command, but I am not able to implement it. Below is the code.

$newname =(get-CIMInstance -Classname win32_bios).serialnumber
$password =Get-AzKeyVaultSecret -VaultName "hybridautopilotkey" -Name "Administrator" -AsPlainText
Write-Host $password #just to see ..its working
$Cred = New-Object System.Management.Automation.PSCredential ("rklab\Administrator", $password)
Rename-Computer -ComputerName "localhost" -NewName $newname -DomainCredential $Cred -Force

But it didn't work. Maybe this is not the right way to pass it as an argument.
How to Rename-Computer using a credential stored as an Azure vault secret key?

The error was:
Cannot find an overload for "PSCredential" and the argument count: "2".
At line:3 char:9
+ $Cred = New-Object System.Management.Automation.PSCredential ("rklab\ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [New-Object], MethodException
+ FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand

thanks
rich


1 answer

  1. JamesTran-MSFT 36,376 Reputation points Microsoft Employee
    2022-03-14T23:15:49.417+00:00

    @Richkm
    Thank you for following up on this!

    I tested your script in my tenant to confirm that the Secret was being retrieved correctly and found that you might have to use ConvertFrom-SecureString -AsPlainText or $SecretDetail.SecretValueText within the $Cred parameter. Since you're using the same secret as $password, you can also try replacing $SecretDetail.SecretValue with $password.

    $Cred = New-Object System.Management.Automation.PSCredential ("SCCMADMIN@testoutlook.onmicrosoft.com", $SecretDetail.SecretValue)

    Findings:

    #Get-AzKeyVaultSecret works as expected showing the Secret was retrieved successfully.  
    $password =Get-AzKeyVaultSecret -VaultName "jtranKeyVault" -Name "testSecret" -AsPlainText  
    Write-Host $password  
    
    #The SecretDetail parameter is retrieving the ...PSKeyVaultSecret value, that isn't in PlainText and is Null.  
    $SecretDetail = Get-AzKeyVaultSecret -VaultName "jtranKeyVault" -Name "testSecret"   
    Write-Host $SecretDetail  
    Write-Host $SecretDetail.SecretValueText  
    


    Since $SecretDetail is Null, $Cred is possibly failing to login which could be why you're receiving the "Access is denied" error referencing the Rename-Computer command.

    If you have any other questions or are still having issues with this, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    1 person found this answer helpful.
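
The overload error in the question comes from the types involved: the two-argument `PSCredential` constructor takes a `SecureString` password, while `-AsPlainText` returns a `String`. The following is an added example, not code from the question or the answer. It reuses the vault, secret and account names from the question, the `Get-VaultCredential` helper name is hypothetical, and it assumes the Az.KeyVault module is installed and `Connect-AzAccount` has already been run.

```powershell
# Added example: build a PSCredential from a Key Vault secret without ever
# holding the password as a plain string.
function Get-VaultCredential {
    [CmdletBinding()]
    [OutputType([System.Management.Automation.PSCredential])]
    param(
        [Parameter(Mandatory)] [string] $VaultName,
        [Parameter(Mandatory)] [string] $SecretName,
        [Parameter(Mandatory)] [string] $UserName
    )

    # Without -AsPlainText the cmdlet returns a PSKeyVaultSecret object whose
    # SecretValue property is a SecureString.
    $secret = Get-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName -ErrorAction Stop
    if ($null -eq $secret) {
        throw "Secret '$SecretName' was not found in vault '$VaultName'."
    }
    if ($secret.SecretValue -isnot [System.Security.SecureString]) {
        throw "SecretValue of '$SecretName' is not a SecureString."
    }

    # PSCredential(string, SecureString) is the only two-argument constructor.
    # Passing a [string] password is what raises "Cannot find an overload".
    [System.Management.Automation.PSCredential]::new($UserName, $secret.SecretValue)
}

$newName = (Get-CimInstance -ClassName Win32_BIOS).SerialNumber.Trim()

$cred = Get-VaultCredential -VaultName 'hybridautopilotkey' `
                            -SecretName 'Administrator' `
                            -UserName 'rklab\Administrator'

# Confirm the credential by user name only; the password is never written
# to the host, a transcript or a log.
Write-Verbose "Credential built for $($cred.UserName)"

Rename-Computer -NewName $newName -DomainCredential $cred -Force
```

Keeping the secret as a `SecureString` from retrieval to `Rename-Computer` also removes the need for the `Write-Host $password` check, which would place the domain administrator password in console output and any active transcript.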