PowerShell Credentials Manager

CredMan.ps1 is a PowerShell script that provides access to the Win32 Credential Manager API used for management of stored credentials.

CredMan.ps1
 
 
 
 
 
4.1 Star
(28)
20,622 times
Add to favorites
10/13/2012
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • can this be exported to csv?
    3 Posts | Last post April 03, 2018
    • Wondering if the GetCred can be exported to a csv? I added the | Export-Csv, and it creates the file but it ends up being a blank file. wanting to capture the password in the credential so it can be called up in a future script. I know it wouldn't be secure but for now I need it to perform that function.
    • Hi,
      In the original Script ouput is a Text String, and it uses a write-host to perform the output.
      You should transform it as an Object, for example:
      
              [pscustomobject]@{
                 'Username' = $($Cred.UserName)
                 'Password' = $($Cred.CredentialBlob)
                 'Target' = $($Cred.TargetName.Substring($Cred.TargetName.IndexOf("=")+1))
                 'Updated' = $([String]::Format("{0:yyyy-MM-dd HH:mm:ss}", $Cred.LastWritten.ToUniversalTime())) + ' UTC'  #  UTC
                 'Comment' = $($Cred.Comment)
              }    
      
      In this way output can be used into a variable, or exported to a file easily
      
    • Actually, the information is already *in* object form, but the author decided to explicitly convert it to a string. I replaced lines 962-986 with 'Write-Output $creds', which spits out roughly the same thing as -All but as objects.
  • licensing?
    1 Posts | Last post April 03, 2018
    • The licensing for this is unclear. 'TechNet terms of use' includes a section on software, but has very little to say about software that does not include a specific license: "If Microsoft makes any other Software available on this web site without a license agreement, you may use it solely to design, develop and test your programs to run on Microsoft products and services. "
      
      I'd like to include a modified version of CredMan in a project I'm developing (for the sole purpose of exporting credentials via command-line, which is bizarrely not provided by standard Windows functionality). Can you please provide an explicit license that either allows or disallows reuse/redistribution of your code?
  • Used the following to clean up all credentials
    1 Posts | Last post August 01, 2017
    • Use at your own risk of course;
      
      Enum-Creds | ForEach-Object {Del-Creds -Target (($_.TargetName -split "target=")[1])}
      
  • Why can't I see the added creds in Windows 7 Tresos
    1 Posts | Last post May 22, 2017
    • This is realy great code. Works like a charme.
      But when I add a new credential by unsing –AddCreds, why can’t we see this entry in the 'Control Panel/Tresor'?
      
  • How can I used a credential in PS script
    1 Posts | Last post September 12, 2016
    • Hi i was wondering how I can use a saved credential in a ps script   
      I am looking to run the Connect-MSOLService -credential cmdlet in a scheduled task run script
  • Possible to update credentials after password change?
    1 Posts | Last post September 07, 2016
    • I'm not familar with powershell, but I think something like
      
      "PS C:\> .\CredMan.ps1 -UpdCred -User '[domain]\[user]' -Pass '[NewPassword]'" 
      
      would help after changing Domain Passwords...
      ...if this would update all entries matching [domain]\[user] with the [NewPassword]
      
      Is it difficult to add such a function? I have no idea, how to do this.
  • Error when executing via cygwin SSH "cmd /c"
    2 Posts | Last post March 14, 2016
    • heya, great code that helps me alot :)
      1 thing though. I want to install simple credentials through a script. the script is on the target machine, and works fine as long as I'm runinng it on the machine console (i.e. with mstsc).  but when I'm trying to run my script with cygwin "cmd /c" I'm recieving an Error similar to @Omar IT's:
      
      Failed to write to credentials store for target '192.168.2.212' using 'my_user', 'my_passs', 'Last edited by my_machine\g_user on MY_MACHINE'
      
      
      
    • Ned,
      
      As I responded to Omar, this script was never intended to be used against a remote machine (much less using a non-Windows remoting mechanism). It's conceivable that you might use PS remoting to accomplish your goals, but I've never tested this.
  • Error when executing on remote machine
    2 Posts | Last post January 29, 2016
    • Hi, first, thanks for this code. Works great when I execute it locally. But when I execute it remotely, get this error: 
      
      Failed to write to credentials store for target '192.168.0.1' using 'RUDO\Admin', 'p@4w0r1d', 'Last edited by NGGROUP\administrator on NGPC280'
          + CategoryInfo          : NotSpecified: (:) [], ManagementException
          + FullyQualifiedErrorId : 80070520
      
      Comments:
      
      1.I have 2 domains. RUDO.local and NGGROUP.local. All my computers are in NGGROUP, but I need to store RUDO's Admin credentials in my NGGROUP domain client computers.
      
      2.All my computers have the WINRM service ON (service+listeners(all*)+ports), even I tried to run others commands remotely, server to client, and winrm works fine!
      
      3.I used two kind of methods-commands to run your CredMan.ps1 from my server(admin creds) to client NGPC280: 
      
      ***a)invoke-command -computername NGPC280 {powershell.exe -executionpolicy byPass -file C:\CredMan.ps1 -AddCred -Target '192.168.0.1' -User 'rudo\admin'  -Pass 'p@4w0r1d' -CredType 'domain_password'} 
      (obviously CredMan.ps1 is located in NGPC280' C root) and.....
      
      ***b)enter-pssession NGPC280--> [norgue280]:PS C:\CredMan.ps1 -AddCred -Target '192.168.0.1' -User 'rudo\admin'  -Pass 'p@4w0r1d' -CredType 'domain_password' 
      (obviously executionpolicy is set to bypass).
      
      4.When I execute this code (3.b) on both computers in the PS localy, server and client, works wonderful.
      
      So, please help me, since Cpassword died, my life is a mess...
      
      Thanks a lot.
    • Sorry, but Credman was never intended to be used remotely.
      It sounds like you really should be using a domain for what it was designed - not as an expensive workgroup.
      You will find that establishing a trust between the domains and creating service accounts will serve your cross-domain needs much better than duplicating credentials all over the place.
  • Is it possible to ShowCred on a Remote Computer?
    2 Posts | Last post January 29, 2016
    • First all Thank you very much sir. Your script is awesome! Is it possible to ShowCred on a remote computer? 
    • Not inherently - Win32 API CredMan (the mechanism underlying this script) doesn't know how to communicate with another computer, since the functionality is strictly local.
      
  • 'Enum-Creds' is not recognized as the name of a cmdlet
    2 Posts | Last post January 29, 2016
    • Did this function get accidentally deleted at some point?
    • Based on the error message you've described, I'd say you're using it wrong, since Enum-Creds never was a cmdlet.
      
      Use: get-help .\credman.ps1 -full to see how to use it.
      Also read the description here.
1 - 10 of 22 Items