开发者

Using Remove-Item with Credentials

问答 作者:

I am attempting to use the Remove-Item cmdlet as part of an automation for a system. The files are stored on a server that requires elevated rights to perform the file deletion. I have access to a domain admin account that I use for such automation scripts.

The code below will build the PSCredential object:

$password = New-Object System.Security.SecureString
"passwordhere".ToCharArray() | ForEach-Object { $password.AppendChar($_) }
$cred = New-Object System.Management.Automation.PSCredential("domain\username",$password)
$cred

I am passing this object to the following action:

开发者_运维百科Remove-Item -LiteralPath $path -Force -Credential $cred

Any ideas?

It's not clear to me if the files are local (you're running the script on the server) or remote (on another machine). If local try running the command using a background job and pass in the credentials to Start-Job:

$job = Start-Job { Remove-Item -LiteralPath $path -force } -cred $cred 
Wait-Job $job
Receive-Job $job

If they're remote, try using remoting:

Invoke-Command -computername servername `
               -scriptblock { Remove-Item -LiteralPath $path -force } `
               -Cred $cred

Note: This requires that you execute Enable-PSRemoting on the remote machine.

In general, putting raw passwords in your script isn't a great idea. You can store the password in an encrypted manner using DPAPI and later, only that user account can decrypt the password e.g.:

# Stick password into DPAPI storage once - accessible only by current user 
Add-Type -assembly System.Security 
$passwordBytes = [System.Text.Encoding]::Unicode.GetBytes("Open Sesame") 
$entropy = [byte[]](1,2,3,4,5) 
$encrytpedData = [System.Security.Cryptography.ProtectedData]::Protect( ` 
                       $passwordBytes, $entropy, 'CurrentUser') 
$encrytpedData | Set-Content -enc byte .\password.bin 

# Retrieve and decrypted password 
$encrytpedData = Get-Content -enc byte .\password.bin 
$unencrytpedData = [System.Security.Cryptography.ProtectedData]::Unprotect( ` 
                       $encrytpedData, $entropy, 'CurrentUser') 
$password = [System.Text.Encoding]::Unicode.GetString($unencrytpedData) 
$password

Remove-Item can fail due to authorisation. Alternatively, either find the reference for each file and hit it with a .Delete() or move all of the files to the recycle bin. 

foreach ($svr in $computers) 
{
    Invoke-Command -ComputerName $svr { 

    $folderitems = Get-ChildItem $cachefolder -Recurse

    # Method 1: .Delete
    foreach ($cachefolderitem in $cachefolderitems)
    {
        if ($cachefolderitem -like "*.ini")
        {
            $cachefolderitem.Delete()
        }
    }

   # Method 2: Move all matching files to the recycle bin
   Move-Item "$cachefolder\*.ini" 'C:\$Recycle.Bin' -Force 
}

继续阅读:powershell-2.0powershell-cmdlet

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9