How to use stored Azure vault in PowerShell script for getting PS Credential argument

Richkm 151 Reputation points
2022-03-10T09:59:01.897+00:00

Hello, I am working on renaming the computer. For that I am using an Azure vault secret to store the password, then retrieving it and using this value as an argument to the Rename-Computer command, but I am not able to implement it. Below is the code.

$newname =(get-CIMInstance -Classname win32_bios).serialnumber
$password =Get-AzKeyVaultSecret -VaultName "hybridautopilotkey" -Name "Administrator" -AsPlainText
Write-Host $password #just to see ..its working
$Cred = New-Object System.Management.Automation.PSCredential ("rklab\Administrator", $password)
Rename-Computer -ComputerName "localhost" -NewName $newname -DomainCredential $Cred -Force

But it didn't work. Maybe this is not the right way to pass it as an argument.
How to rename-computer using a credential stored in an Azure vault secret?

The error was:
Cannot find an overload for "PSCredential" and the argument count: "2".
At line:3 char:9
+ $Cred = New-Object System.Management.Automation.PSCredential ("rklab\ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [New-Object], MethodException
+ FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand

thanks
rich


1 answer

  1. JamesTran-MSFT 36,906 Reputation points Microsoft Employee Moderator
    2022-03-14T23:15:49.417+00:00

    @Richkm
    Thank you for following up on this!

    I tested your script in my tenant to confirm that the Secret was being retrieved correctly and found that you might have to use ConvertFrom-SecureString -AsPlainText or $SecretDetail.SecretValueText within the $Cred parameter. Since you're using the same secret as $password, you can also try replacing $SecretDetail.SecretValue with $password.

    $Cred = New-Object System.Management.Automation.PSCredential ("******@testoutlook.onmicrosoft.com", $SecretDetail.SecretValue)

    Findings:

    #Get-AzKeyVaultSecret works as expected showing the Secret was retrieved successfully.  
    $password =Get-AzKeyVaultSecret -VaultName "jtranKeyVault" -Name "testSecret" -AsPlainText  
    Write-Host $password  
    
    #The SecretDetail parameter is retrieving the ...PSKeyVaultSecret value, that isn't in PlainText and is Null.  
    $SecretDetail = Get-AzKeyVaultSecret -VaultName "jtranKeyVault" -Name "testSecret"   
    Write-Host $SecretDetail  
    Write-Host $SecretDetail.SecretValueText  
    


    Since $SecretDetail is Null, $Cred is possibly failing to log in, which could be why you're receiving the "Access is denied" error referencing the Rename-Computer command.

    If you have any other questions or are still having issues with this, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    1 person found this answer helpful.
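
Added example (not part of the original question or answer): the two-argument PSCredential constructor takes a user name and a SecureString, so the secret can be read from Key Vault without -AsPlainText and handed over as-is, without ever printing it. The function name Get-VaultCredential is hypothetical; the vault, secret and account names are the ones from the question, and an existing Connect-AzAccount session with read access to the secret is assumed.

```powershell
#Requires -Modules Az.KeyVault
# Added example, not code from the thread. Get-VaultCredential is a hypothetical helper.
# Assumes Connect-AzAccount has already run and the caller may read the secret.

function Get-VaultCredential {
    [CmdletBinding()]
    [OutputType([System.Management.Automation.PSCredential])]
    param(
        [Parameter(Mandatory)] [string] $VaultName,
        [Parameter(Mandatory)] [string] $SecretName,
        [Parameter(Mandatory)] [string] $UserName
    )

    # No -AsPlainText: .SecretValue stays a SecureString, which is the type
    # the (string, SecureString) PSCredential constructor expects.
    $secret = Get-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName -ErrorAction Stop

    # Defensive check: fail here rather than build a credential with an empty password.
    if ($null -eq $secret -or $null -eq $secret.SecretValue) {
        throw "Secret '$SecretName' was not returned from vault '$VaultName'."
    }

    [System.Management.Automation.PSCredential]::new($UserName, $secret.SecretValue)
}

$cred = Get-VaultCredential -VaultName 'hybridautopilotkey' `
                            -SecretName 'Administrator' `
                            -UserName 'rklab\Administrator'

# Passing a [string] as the second constructor argument reproduces the
# "Cannot find an overload" error from the question. If a plain-text value
# is all that is available, convert it first:
#   $secure = ConvertTo-SecureString -String $plain -AsPlainText -Force
#   $cred   = [System.Management.Automation.PSCredential]::new($user, $secure)

# Serial numbers can carry padding, so trim before using the value as a name.
$newName = (Get-CimInstance -ClassName Win32_BIOS).SerialNumber.Trim()

# -WhatIf shows what would be renamed; remove it to apply the change.
Rename-Computer -NewName $newName -DomainCredential $cred -Force -WhatIf
```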
