我需要安全字符串的帮助我明白这种方式不是很安全。但这是在机器的管理员方面。但是,我不希望管理员看到明文密码。
我已成功使用此方法处理此脚本:
$securepasswordkey = "76492d1116743f0423413b16050a5345MgB8AG4ARgBHAGIAWABmAEgAOABZAEoAbQBCAGYAegBsAEYATwAyAHEAcgAHwAOAA2ADUANwA5AGUAYwA4ADQAMgA1ADUAYQBhAGQAOAA2ADQANgA3AGUAMgA1AGMAYQA5AGQANwAwAGIAMAAxAGYAZgBhAGQAMwBiADYAMgBmAGIANwA5ADcAZABiADMAZgAyAGMAMABhAGYAYwA1AGQAOQA3AGMAMAAzADcAMwAzAGMAMQA1ADQAOABjADkAMwBhADcAMQBlAGUAZQA4AGYANwA5ADEAYgA0AGIAYgA0ADgA"
$key = (3,4,2,3,56,34,254,222,1,1,2,23,42,54,33,233,1,34,2,7,6,5,35,43)
$password = ConvertTo-SecureString -String $SecurePasswordKey -Key $key
$username = "$domain\administrator"
$cred = new-object -typename System.Management.Automation.PSCredential - argument $username, $password
上面的一个成功地隐藏了密码。但是现在我正在尝试在没有凭证对象的情况下完成它而我遇到了问题:
$Secure = "76492d1116743f0423413b16050a5345MgB8ADAATQA5ADAAQwBLAGIAKwBPAFEATwA2ADIASgBVADAAGIAZAAwADgAMwAzADIANQA0ADAAOQA0ADUAMgBhADMANgAyAGQANQA4AGUANwAyADgANABhAGIAOABjAGUAMgAyADAAYQBlADkAZgBlAGYAOQAxAGIAOQA="
$Key = (3,4,2,3,56,34,254,222,1,1,2,23,42,54,33,233,1,34,2,7,6,5,35,43)
$password = ConvertTo-SecureString -String $Secure -Key $key
$sqlQuery | sqlplus -silent "USERNAME/$password@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(Host=database.host.net)(Port=1522))(CONNECT_DATA=(SERVICE_NAME=database.host.net)))"
答案 0 :(得分:0)
你的问题在这里:
$password = ConvertTo-SecureString -String $Secure -Key $key
使用这行代码,$password变量包含SecureString对象,而不是纯文本字符串。这是一个简短的函数,它返回SecureString对象的纯文本字符串:
# Return a SecureString as a String.
function ConvertTo-String {
param(
[Security.SecureString] $secureString
)
$marshal = [Runtime.InteropServices.Marshal]
try {
$intPtr = $marshal::SecureStringToBSTR($secureString)
$string = $marshal::PtrToStringAuto($intPtr)
}
finally {
if ( $intPtr ) {
$marshal::ZeroFreeBSTR($intPtr)
}
}
$string
}
将此功能添加到您的脚本中,您现在可以写下:
$password = ConvertTo-String (ConvertTo-SecureString -String $Secure -Key $key)
现在$password将包含纯文本字符串。