Wednesday, March 28, 2018

WFA handling passwords as userinput

Although WFA has a credential repository, sometimes it is still needed to prompt an operator for a password.

In that case, it's best it is protected and no-where to be found in the logs.

WFA has this feature and here is a step-by-step tutorial on how it works.

Create a new command

param(

 [parameter(Mandatory=$true, HelpMessage="Your Password Please")]
 [Alias("MyPassword_Password")]
 [string]$MyPassword

)

$SecurePassword = Get-WfaInputPassword  -EncryptedPassword $MyPassword
$TextPassword= ConvertFromSecureToPlain -SecurePassword $SecurePassword


Get-WfaLogger -Info -Message "Password : $TextPassword"



Notice the alias where we use the parameter name and suffix "_Password".  This is required so the parameter discovery agent knows this parameter is a password.



Create a new workflow



Add a new userinput



Make it type "Password"



You can now test the workflow



And your password is right there.

Download the dar (4.2 version)

Geplaatst door on
Labels: , ,

1 comment :

Subscribe to: Post Comments ( Atom )