Tag: credentials

(4 Scripts)

<< Back to Script Library
Searches one or more Azure Tenants for Certificates and Client Secrets. The script reports on all credentials discovered, with their expiry date and a 'hint' that identifies the secret.
If expired or soon-to-expire credentials are discovered, an event log is written - this can be used as a trigger to generate an alert
The Application specified in the credential set must have the following permissions:
Application.Read.All (mandatory) - to read the secret metadata attached to the application
User.Read.All (mandatory) - to report the owner name and contact details
Directory.Read.All (optional) - to report the tenant name
Version: 2.0.20  •   Created: 2023-11-09  •   Modified: 2024-03-24
Create the credential files (locally) required by the Azure script actions.
Stored in %ALLUSERSPROFILE%ControlUpScriptingSupport but the client secret stored in the files can only be decrypted by the Windows user that created that file.
The files created contain the tenant id in the file name so that a single Windows user can have credential files for multiple tenants. Original Azure scripts did have this feature and the files contained the tenant id so only a single file can exist - this script creates both credential files so both new and old Azure script actions can be run.
The script willl overwrite any existing credential files for the user and tenant.
Version: 1.1.15  •   Created: 2022-02-24  •   Modified: 2022-03-09
Create the credential files (locally) required by the Citrix Cloud script actions.
Stored in %ALLUSERSPROFILE%ControlUpScriptingSupport but the client secret stored in the files can only be decrypted by the Windows user that created that file.
The files created contain the tenant id in the file name so that a single Windows user can have credential files for multiple tenants. Original Azure scripts did have this feature and the files contained the tenant id so only a single file can exist - this script creates both credential files so both new and old Azure script actions can be run.
The script willl overwrite any existing credential files for the user and tenant.
Version: 2.1.26  •   Created: 2022-02-24  •   Modified: 2024-01-26
Connecting to a Horizon Connection server is required for running Horizon scripts. The server does not allow passthrough (Active Directory) authentication. In order to allow scripts to run without asking for a password each time (such as in Automated Actions) a PSCredential object needs to be stored on each target device (i.e. each machine that will be used for running Horizon scripts). This script can create this PSCredential object on the targets.
PSCREDENTIIAL OBJECTS CAN ONLY BE USED BY THE USER THAT CREATED THE OBJECT AND ON THE MACHINE THE OBJECT WAS CREATED.
- The User that creates the file is required to have a local profile when creating the file. This is a limitation from Powershell

Modification history: 20/08/2019 - Anthonie de Vreede - First version
03/06/2020 - Wouter Kursten - Second version

Changelog ;
Second Version
- Added check for local profile
- changed error message when failing to create the xml file
Version: 5.6.14  •   Created: 2019-12-02  •   Modified: 2020-12-08