Save PowerCLI Login Credentials to XML Securely (Mostly)

Summary:
PowerCLI has a cmdlet that allows you to save your logins to vCenter and ESX(i) hosts to a XML file so you can use those as reference in your PowerCLI scripts when calling the Connect-VIServer cmdlet.
How to use it:
#This stores your credentials into an xml file.  You can open the xml file, but the password is hashed.
New-VICredentialStoreItem -Host ESXorvCenterHostname -User root -Password "Super$ecretPassword" -File C:\Whateveryouwanttonameit.xml
 
#To use the data stored in the XML file, we will call the Get-VICredentialStoreItem and place the data into a variable for use.
$Creds = Get-VICredentialStoreItem -Host ESXorvCenterHostName -File C:\Whateveryouwanttonameit.xml

#Now you can use the $Cred variable for the username and password switches in the connect-viserver cmdlet
Connect-VIServer ESXorvCenterHostName -User $Creds.User -Password $Creds.Password


Caveats:
  1. XML files can only be referenced from the computer they were created on.
    • Powershell Remoting or Running PowerCLI on the computer the xml files were generated.
  2. Nothing is truly secure, so make sure those generated xml files are placed into a secure location.  You don’t want users who don’t know what they are doing to access them.
I think this is a useful function especially if you have several vCenter servers not in linked mode.

No comments: