Wednesday, May 3, 2017

Set-O365EncryptedCredentials.ps1

The purpose of Set-O365EncryptedCredentials.ps1 is to collect the credentials used to connect to Office 365 (O365) and save them into local files (O365user.txt / O365cred.txt) that future scripts can read.
  • O365user.txt - Text file containing plain text username for O365 access
  • O365cred.txt - Text file containing encrypted password for O365 access

Note: Links to Full script and MSDN pages of used commands at end of post.

COMMENT-BASED HELP


<#
.SYNOPSIS
    Create User and Password files for future use
.DESCRIPTION
    Create following files for use in auto login for O365:
        o user.txt - Contains O365 UPN (Optional)
        o cred.txt - Contains encrypted O365 password (Required)
.PARAMETER Path
    Enter alternate path to save files to, default is user's local app data
.EXAMPLE
    Set-O365EncryptedCredentials.ps1
.NOTES
    Created by Chris Lee
    Date April 20, 2017
.LINK 
    GitHub: https://github.com/clee1107/Public/blob/master/O365/Set-O365EncryptedCredentials.ps1
    Blogger: http://www.myitresourcebook.com/2017/05/set-o365encryptedcredentialsps1.html
#>
This section of code contains the information needed to respond to Get-Help requests. To view the complete help, execute the command below:

Get-Help Set-O365EncryptedCredentials.ps1 -Full
It covers what the script does, provides details of the parameters and even gives examples of how to execute the script. It is good practice to complete this section, both for yourself and future staff and as a contribution to the PowerShell community.


PARAMETERS


[Cmdletbinding()]
Param
(
    [String]
    $Path = [Environment]::GetFolderPath("LocalApplicationData")
)
This section defines the parameters for the script.

I utilize a single string parameter to define the variable $Path. I also give the variable a default value, which happens to be the executing account's LocalApplicationData folder.
One could override the default by defining the parameter when executing the script, like line 1 below, or by updating the default value in the script, like lines 3-4:
Set-O365EncryptedCredentials.ps1 -Path "\\server\share\folder"

[String]
$Path = "\\Server\share\folder"


CODE BREAK

#################################
## DO NOT EDIT BELOW THIS LINE ##
#################################
To reduce the chance of novice users breaking the code, I place the above note in my scripts. Basically, unless you know what you are doing or are willing to learn how to fix something, don't edit the code below this message.


CREATE USER FILE


##Create User account if provided
    Read-Host -Prompt "Enter your tenant UPN" `
        | Out-File "$Path\O365user.txt"
  • Line 1 is a comment that marks what the following lines do
  • Line 2 Read-Host prints what is in quotes (" ") to the display and waits for the user to respond (-Prompt is optional)
    • Note the backtick ( ` ) at the end; this is a special escape character called a line continuation. It allows long commands to be broken onto several lines. I use it to break commands that use the pipeline ( | ) or become too long.
  • Line 3 is a continuation of line 2 thanks to the backtick ( ` ). It starts with a pipeline ( | ) operator, then Out-File
    • Pipeline ( | ) allows the output of the previous command to be used as input of the following command.
      • In this case the output of line 2's Read-Host (user's input) is passed to line 3's Out-File
    • Out-File sends output to a file
      • In this case the output of line 2's Read-Host (user's input) is written to the file O365user.txt in the defined path.

CREATE ENCRYPTED PASSWORD FILE


##Create Password
    Read-Host -Prompt "Enter your tenant password" -AsSecureString `
        | ConvertFrom-SecureString `
        | Out-File "$Path\O365cred.txt"
  • Line 1 is a comment that marks what the following lines do
  • Line 2 Read-Host prints what is in quotes (" ") to the display and waits for the user to respond
    • -Prompt is optional as PowerShell assumes its presence
    • -AsSecureString masks user input on the screen with asterisks (*) and stores the input as a SecureString object (System.Security.SecureString)
    • Note the backtick ( ` ) at the end; this is a special escape character called a line continuation. It allows long commands to be broken onto several lines. I use it to break commands that use the pipeline ( | ) or become too long.
  • Line 3 is a continuation of line 2 thanks to the backtick ( ` ). It starts with a pipeline ( | ) operator, then ConvertFrom-SecureString, followed by another backtick ( ` )
    • Pipeline ( | ) allows the output of the previous command to be used as input of the following command.
      • In this case the output of line 2's Read-Host (user's input) is passed to line 3's ConvertFrom-SecureString
    • ConvertFrom-SecureString takes the SecureString object from line 2's Read-Host and converts it to an encrypted standard string (System.String)
    • Backtick ( ` ) provides line continuation to line 4
  • Line 4 continues from line 3's backtick ( ` ). Here we use the pipeline ( | ) operator again to send output to the Out-File cmdlet
    • Pipeline ( | ) allows the output of the previous command to be used as input of the following command.
      • In this case the output of line 3's ConvertFrom-SecureString (the encrypted string) is passed to line 4's Out-File
    • Out-File sends output to a file
      • In this case the encrypted string from line 3's ConvertFrom-SecureString is written to the file O365cred.txt in the defined path.
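
Reading the two files back in a later script, as an added example (not part of the original post or the author's script): Get-O365StoredCredential is a hypothetical helper name, and the sample UPN and password are constructed. Because ConvertFrom-SecureString was called without -Key, the string is protected with Windows DPAPI and decrypts only for the same account on the same computer, which is the failure the catch block reports.

```powershell
# Added example, not part of Set-O365EncryptedCredentials.ps1.
# Get-O365StoredCredential is a hypothetical helper name.
function Get-O365StoredCredential {
    [CmdletBinding()]
    param([string]$Path = [Environment]::GetFolderPath("LocalApplicationData"))

    $userFile = Join-Path $Path 'O365user.txt'
    $credFile = Join-Path $Path 'O365cred.txt'
    foreach ($file in $userFile, $credFile) {
        if (-not (Test-Path -LiteralPath $file -PathType Leaf)) {
            throw "Missing $file. Run Set-O365EncryptedCredentials.ps1 first."
        }
    }

    # Out-File wrote one line per file; read that line only.
    $upn       = [string](Get-Content -LiteralPath $userFile -TotalCount 1)
    $encrypted = [string](Get-Content -LiteralPath $credFile -TotalCount 1)
    if ([string]::IsNullOrWhiteSpace($upn) -or [string]::IsNullOrWhiteSpace($encrypted)) {
        throw "O365user.txt or O365cred.txt in $Path is empty."
    }

    try {
        # No -Key/-SecureKey: decryption uses DPAPI and only succeeds for the
        # Windows account and computer that created the file.
        $secure = ConvertTo-SecureString -String $encrypted.Trim() -ErrorAction Stop
    }
    catch {
        $who = "$env:USERDOMAIN\$env:USERNAME on $env:COMPUTERNAME"
        throw "Cannot decrypt $credFile as $who; re-create it under this account. $($_.Exception.Message)"
    }

    # The password stays a SecureString; it is never turned back into plain text.
    New-Object System.Management.Automation.PSCredential -ArgumentList $upn.Trim(), $secure
}

# Constructed sample input so the example runs on its own (Windows only).
$demo = Join-Path $env:TEMP 'O365demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
'user@contoso.onmicrosoft.com' | Out-File "$demo\O365user.txt"
ConvertTo-SecureString 'Constructed-Sample-1' -AsPlainText -Force |
    ConvertFrom-SecureString | Out-File "$demo\O365cred.txt"

$credential = Get-O365StoredCredential -Path $demo
$credential.UserName   # pass $credential to any cmdlet that accepts -Credential
```

A credential file saved to a shared folder with -Path is therefore readable only by the account and computer that wrote it; every other account that needs it has to run the set script itself.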


Full script can be accessed from following link:
Further reference links for PowerShell cmdlets used can be found on following post:

Code Snippets created via: http://hilite.me/
