1
00:00:01,140 --> 00:00:06,050
So let's go back into our environment, and we'll look at how we create

2
00:00:06,050 --> 00:00:11,540
PSCredential objects to be able to utilize that for other commands.

3
00:00:11,540 --> 00:00:15,780
So we're back on our Windows 10 workstation, the one that's

4
00:00:15,780 --> 00:00:18,550
connected to our Globomantics servers.

5
00:00:18,550 --> 00:00:20,780
And one of the things that we want to do here is

6
00:00:20,780 --> 00:00:23,160
obviously create a PSCredential object.

7
00:00:23,160 --> 00:00:27,140
Now first off, I'm just going to create a variable here called $creds.

8
00:00:27,140 --> 00:00:31,490
And the simplest and easiest way of creating a PSCredential

9
00:00:31,490 --> 00:00:34,890
object is to call Get‑Credential, and I'm going to press Enter

10
00:00:34,890 --> 00:00:38,780
here, and you'll see it launches a Windows prompt that's going to

11
00:00:38,780 --> 00:00:40,480
ask me to enter credentials.

12
00:00:40,480 --> 00:00:47,040
So if I type Test and type Test again, I'll click OK.

13
00:00:47,040 --> 00:00:48,280
And sure enough, it creates it.

14
00:00:48,280 --> 00:00:51,910
Now, I don't have an account called Test with a password of Test, but

15
00:00:51,910 --> 00:00:55,850
what it did is it just creates a credential object.

16
00:00:55,850 --> 00:00:58,360
So it would just be a way to not actually validating

17
00:00:58,360 --> 00:00:59,790
the credentials that you type.

18
00:00:59,790 --> 00:01:04,540
So if you type the password incorrectly, then, of course, it's going to fail.

19
00:01:04,540 --> 00:01:07,470
So, what about if you wanted to actually create it with

20
00:01:07,470 --> 00:01:09,770
valid credentials and then utilize that?

21
00:01:09,770 --> 00:01:13,590
Well, if we just clear here, what we can actually do is

22
00:01:13,590 --> 00:01:16,440
remake our variable called $creds.

23
00:01:16,440 --> 00:01:17,620
Well, I'll tell you what we'll do first.

24
00:01:17,620 --> 00:01:22,070
We'll actually just use whoami first, which will tell me my training account.

25
00:01:22,070 --> 00:01:25,410
And sure enough, I'm using training domain and trainer.

26
00:01:25,410 --> 00:01:31,020
I want to utilize that, so we'll now say $creds, and we'll say Get‑Credential.

27
00:01:31,020 --> 00:01:37,230
And what we can do is initiate the first part of the credential here. So I can

28
00:01:37,230 --> 00:01:40,140
put in the name, so I can say "training\trainer".

29
00:01:40,140 --> 00:01:43,190
Now what will happen when I do this is it's already

30
00:01:43,190 --> 00:01:44,980
prefixed the username for me.

31
00:01:44,980 --> 00:01:48,460
So when I press Enter here, you'll see that my box for username

32
00:01:48,460 --> 00:01:51,550
is already populated with training/trainer.

33
00:01:51,550 --> 00:01:56,450
And then I can just type in my password like so, press Enter,

34
00:01:56,450 --> 00:01:59,960
and then if I check what's in the $creds object, you can see

35
00:01:59,960 --> 00:02:02,120
it's now got a training\trainer.

36
00:02:02,120 --> 00:02:06,580
You'll never see the password because the password is a secure string, so a

37
00:02:06,580 --> 00:02:10,740
very simple way of obviously utilizing the Get‑Credential. That is the most

38
00:02:10,740 --> 00:02:14,340
common way of creating a PSCredential object.

39
00:02:14,340 --> 00:02:19,560
Now another way is to do it, I have to refer to this as the more complicated

40
00:02:19,560 --> 00:02:25,040
approach, but I'm a great fan of kind of granularity of things.

41
00:02:25,040 --> 00:02:30,510
So I'm going to say $pwd. You can see I'm just creating simple

42
00:02:30,510 --> 00:02:33,420
accounts, so I've got my training\trainer and then my password,

43
00:02:33,420 --> 00:02:35,640
which isn't the correct one, by the way.

44
00:02:35,640 --> 00:02:40,130
But what I'm able to do here is I can then start to create a new object.

45
00:02:40,130 --> 00:02:43,590
Now the first thing you'll notice is that when I actually created the

46
00:02:43,590 --> 00:02:47,240
$creds object previously, so if I just say $creds here,

47
00:02:47,240 --> 00:02:52,060
you'll see actually it created what was called a System.Security.SecureString,

48
00:02:52,060 --> 00:02:55,340
which clearly my password variable is not.

49
00:02:55,340 --> 00:02:58,960
So, what we need to do is actually repopulate this

50
00:02:58,960 --> 00:03:02,340
variable with a different approach.

51
00:03:02,340 --> 00:03:06,810
So I'm going to say ConvertTo‑SecureString because that's what we want to do.

52
00:03:06,810 --> 00:03:09,800
We want to take the piece of plain text that we've written

53
00:03:09,800 --> 00:03:12,540
and convert it to a secure string value.

54
00:03:12,540 --> 00:03:16,620
So I'm going to say "Pass@word1", and then I'm going to say

55
00:03:16,620 --> 00:03:21,340
‑AsPlainText, and then I'll just ‑Force that to create it.

56
00:03:21,340 --> 00:03:21,690
Okay,

57
00:03:21,690 --> 00:03:24,340
so what does that look like in my password object? Well, now it

58
00:03:24,340 --> 00:03:26,980
just looks like System.Security.SecureString,

59
00:03:26,980 --> 00:03:32,540
which is exactly what we need as part of the PSCredential object.

60
00:03:32,540 --> 00:03:36,200
So what we can do now, let me just clear this down so we've got a clear screen,

61
00:03:36,200 --> 00:03:38,840
I'm going to create my $creds variable.

62
00:03:38,840 --> 00:03:42,840
And the first way of doing this is to actually say New‑Object.

63
00:03:42,840 --> 00:03:46,920
And then just like you would in any kind of coding language,

64
00:03:46,920 --> 00:03:49,530
you can kind of traverse through the namespaces.

65
00:03:49,530 --> 00:03:53,350
So, you'll see I'm going to say, System.Management.Automation,

66
00:03:53,350 --> 00:03:56,090
and then I'm going to say if I tab through,

67
00:03:56,090 --> 00:04:00,090
you'll see PS with a C. Now there's loads of them, so if I just say

68
00:04:00,090 --> 00:04:07,060
PSCre, PSCredential. And then what the PSCredential object requires

69
00:04:07,060 --> 00:04:09,680
is two objects to be present here.

70
00:04:09,680 --> 00:04:12,710
The first one, as you've guessed it, would be the user,

71
00:04:12,710 --> 00:04:14,760
the second one would be the password.

72
00:04:14,760 --> 00:04:18,520
So if I press Enter now, and when I go to my $creds object,

73
00:04:18,520 --> 00:04:21,940
you'll see that I've now got that same credential object.

74
00:04:21,940 --> 00:04:24,310
So instead of me saying Get‑Credential and having

75
00:04:24,310 --> 00:04:27,510
someone type the credentials at runtime,

76
00:04:27,510 --> 00:04:33,110
I could've stored these within text objects inside a PowerShell script.

77
00:04:33,110 --> 00:04:35,760
Now the other option I've got is to kind of, if we go back

78
00:04:35,760 --> 00:04:38,170
to this same kind of syntax that's here,

79
00:04:38,170 --> 00:04:40,120
what we can do is change it a little bit.

80
00:04:40,120 --> 00:04:43,710
Now, of course, with PowerShell, we have the ability to utilize

81
00:04:43,710 --> 00:04:47,340
various properties, so, for example ‑TypeName. This would, I

82
00:04:47,340 --> 00:04:50,440
suppose, be the strongly‑typed version of this.

83
00:04:50,440 --> 00:04:55,700
So if we go back, you can say my ‑TypeName is of PSCredential. And then

84
00:04:55,700 --> 00:05:00,360
what I can do is pass an ‑ArgumentList, and the ‑ArgumentList is going

85
00:05:00,360 --> 00:05:02,310
to be the variables that we populated.

86
00:05:02,310 --> 00:05:05,520
So I'm going to press Enter here, and then sure

87
00:05:05,520 --> 00:05:07,540
enough, you'll see my $creds object.

88
00:05:07,540 --> 00:05:11,510
So, three different ways of actually creating the PSCredential object.

89
00:05:11,510 --> 00:05:15,460
The first one being using Get‑Credential, and then the second one

90
00:05:15,460 --> 00:05:20,210
being, obviously, creating the user and the password, and then

91
00:05:20,210 --> 00:05:25,190
creating a new object and passing in the type or actually declaring

92
00:05:25,190 --> 00:05:27,040
the ‑TypeName and the ‑ArgumentList.

93
00:05:27,040 --> 00:05:31,530
All of these will work, and this will allow you to reuse that $creds

94
00:05:31,530 --> 00:05:34,540
object whenever you need to connect to anything.

95
00:05:34,540 --> 00:05:38,120
So if I need to connect to a different computer, so I can say

96
00:05:38,120 --> 00:05:43,060
Get‑ComputerInfo, for example, and if I tab through the properties,

97
00:05:43,060 --> 00:05:46,180
you'll see there's all the standard ones that are there,

98
00:05:46,180 --> 00:05:48,600
you know, kind of I want to output the values,

99
00:05:48,600 --> 00:05:49,950
I want a pipeline property,

100
00:05:49,950 --> 00:05:53,350
whatever, on certain properties, you'll find that

101
00:05:53,350 --> 00:05:56,180
you're able to pass a credential object.

102
00:05:56,180 --> 00:05:59,510
Now this is more kind of useful when you're connecting to the cloud,

103
00:05:59,510 --> 00:06:03,560
for example. You'll be able to say Get‑Credential, and it will pass

104
00:06:03,560 --> 00:06:09,000
that object to whatever the command is in, for example, Azure or Office 365.