PowerShell Credentials Manager

CredMan.ps1 is a PowerShell script that provides access to the Win32 Credential Manager API used for management of stored credentials.

4 Star
19,274 times
Add to favorites
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question

  • Used the following to clean up all credentials
    1 Posts | Last post August 01, 2017
    • Use at your own risk of course;
      Enum-Creds | ForEach-Object {Del-Creds -Target (($_.TargetName -split "target=")[1])}
  • can this be exported to csv?
    2 Posts | Last post July 09, 2017
    • Wondering if the GetCred can be exported to a csv? I added the | Export-Csv, and it creates the file but it ends up being a blank file. wanting to capture the password in the credential so it can be called up in a future script. I know it wouldn't be secure but for now I need it to perform that function.
    • Hi,
      In the original Script ouput is a Text String, and it uses a write-host to perform the output.
      You should transform it as an Object, for example:
                 'Username' = $($Cred.UserName)
                 'Password' = $($Cred.CredentialBlob)
                 'Target' = $($Cred.TargetName.Substring($Cred.TargetName.IndexOf("=")+1))
                 'Updated' = $([String]::Format("{0:yyyy-MM-dd HH:mm:ss}", $Cred.LastWritten.ToUniversalTime())) + ' UTC'  #  UTC
                 'Comment' = $($Cred.Comment)
      In this way output can be used into a variable, or exported to a file easily
  • Why can't I see the added creds in Windows 7 Tresos
    1 Posts | Last post May 22, 2017
    • This is realy great code. Works like a charme.
      But when I add a new credential by unsing –AddCreds, why can’t we see this entry in the 'Control Panel/Tresor'?
  • How can I used a credential in PS script
    1 Posts | Last post September 12, 2016
    • Hi i was wondering how I can use a saved credential in a ps script   
      I am looking to run the Connect-MSOLService -credential cmdlet in a scheduled task run script
  • Possible to update credentials after password change?
    1 Posts | Last post September 07, 2016
    • I'm not familar with powershell, but I think something like
      "PS C:\> .\CredMan.ps1 -UpdCred -User '[domain]\[user]' -Pass '[NewPassword]'" 
      would help after changing Domain Passwords...
      ...if this would update all entries matching [domain]\[user] with the [NewPassword]
      Is it difficult to add such a function? I have no idea, how to do this.
  • Error when executing via cygwin SSH "cmd /c"
    2 Posts | Last post March 14, 2016
    • heya, great code that helps me alot :)
      1 thing though. I want to install simple credentials through a script. the script is on the target machine, and works fine as long as I'm runinng it on the machine console (i.e. with mstsc).  but when I'm trying to run my script with cygwin "cmd /c" I'm recieving an Error similar to @Omar IT's:
      Failed to write to credentials store for target '' using 'my_user', 'my_passs', 'Last edited by my_machine\g_user on MY_MACHINE'
    • Ned,
      As I responded to Omar, this script was never intended to be used against a remote machine (much less using a non-Windows remoting mechanism). It's conceivable that you might use PS remoting to accomplish your goals, but I've never tested this.
  • Error when executing on remote machine
    2 Posts | Last post January 29, 2016
    • Hi, first, thanks for this code. Works great when I execute it locally. But when I execute it remotely, get this error: 
      Failed to write to credentials store for target '' using 'RUDO\Admin', 'p@4w0r1d', 'Last edited by NGGROUP\administrator on NGPC280'
          + CategoryInfo          : NotSpecified: (:) [], ManagementException
          + FullyQualifiedErrorId : 80070520
      1.I have 2 domains. RUDO.local and NGGROUP.local. All my computers are in NGGROUP, but I need to store RUDO's Admin credentials in my NGGROUP domain client computers.
      2.All my computers have the WINRM service ON (service+listeners(all*)+ports), even I tried to run others commands remotely, server to client, and winrm works fine!
      3.I used two kind of methods-commands to run your CredMan.ps1 from my server(admin creds) to client NGPC280: 
      ***a)invoke-command -computername NGPC280 {powershell.exe -executionpolicy byPass -file C:\CredMan.ps1 -AddCred -Target '' -User 'rudo\admin'  -Pass 'p@4w0r1d' -CredType 'domain_password'} 
      (obviously CredMan.ps1 is located in NGPC280' C root) and.....
      ***b)enter-pssession NGPC280--> [norgue280]:PS C:\CredMan.ps1 -AddCred -Target '' -User 'rudo\admin'  -Pass 'p@4w0r1d' -CredType 'domain_password' 
      (obviously executionpolicy is set to bypass).
      4.When I execute this code (3.b) on both computers in the PS localy, server and client, works wonderful.
      So, please help me, since Cpassword died, my life is a mess...
      Thanks a lot.
    • Sorry, but Credman was never intended to be used remotely.
      It sounds like you really should be using a domain for what it was designed - not as an expensive workgroup.
      You will find that establishing a trust between the domains and creating service accounts will serve your cross-domain needs much better than duplicating credentials all over the place.
  • Is it possible to ShowCred on a Remote Computer?
    2 Posts | Last post January 29, 2016
    • First all Thank you very much sir. Your script is awesome! Is it possible to ShowCred on a remote computer? 
    • Not inherently - Win32 API CredMan (the mechanism underlying this script) doesn't know how to communicate with another computer, since the functionality is strictly local.
  • 'Enum-Creds' is not recognized as the name of a cmdlet
    2 Posts | Last post January 29, 2016
    • Did this function get accidentally deleted at some point?
    • Based on the error message you've described, I'd say you're using it wrong, since Enum-Creds never was a cmdlet.
      Use: get-help .\credman.ps1 -full to see how to use it.
      Also read the description here.
  • Office 365 / Exchange Online script
    2 Posts | Last post November 11, 2015
    • Can I used this script for an Office 365 (Exchange Online) script?
    • If the app you're using stores those credentials in Windows Credentials Store, then maybe (depends on how they're managed).
1 - 10 of 21 Items