< Back
New-PSCredential
Post
NAME New-PSCredential
SYNOPSIS
Create a new PowerShell Credential object with a random password. Encrypts and saves the Credential object to file
or to Azure KeyVault.
SYNTAX
New-PSCredential [-Username] <String> [-Path] <String> [-CertificateFile] <String> [<CommonParameters>]
New-PSCredential [-Username] <String> [-Path] <String> -Thumbprint <String> [-CertificateStore <String>]
[<CommonParameters>]
New-PSCredential [-Username] <String> -KeyVault <String> -SecretName <String> [<CommonParameters>]
New-PSCredential [-Username] <String> [-Path] <String> -SecureKey <SecureString> [<CommonParameters>]
DESCRIPTION
New-PSCredential is used to create a new PowerShell Credential object [System.Management.Automation.PSCredential]
with the provided username and
a strong random password. The resulting credential object is returned as well as saved to disk or to Azure
KeyVault so that it can be retrieved later.
When saving to disk, the password is encrypted with either a pre-shared key or PKI certificate.
PARAMETERS
-Username <String>
Username to use for the Credential to be created.
Required? true
Position? 2
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Path <String>
Path to the JSON file that will be created to save the encrypted credential.
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-SecureKey <SecureString>
A SecureString that is used as a Pre-Shared-Key for encrypting the credential password.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Thumbprint <String>
The ThumbPrint of a certificate on the local computer that will be used to encrypt the credential password.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-CertificateFile <String>
Path to a .CER certificate public key file that will be used to encrypt the credential password.
Required? true
Position? 2
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-CertificateStore <String>
Specifies the certifcate store of the specified certificate thumbprint. Either LocalMachine or CurrentUser.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-KeyVault <String>
The name of the Azure KeyVault that will be used to store the exported credential.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-SecretName <String>
The name of the Azure KeyVault secret to create that will be used to store the exported credential.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>$Credential = New-PSCredential -Username 'svc.SharePoint.farm' -Path ./savedcredential.json -Thumbprint
'87BB70A19A7671D389F49AF4C9608B2F381FDD80'
New-ADUser -Name $Credential.Username -AccountPassword $Credential.Password -Enabled:$true
Creating a credential to be used as a service account, and creating the account.
RELATED LINKS
SYNOPSIS
Create a new PowerShell Credential object with a random password. Encrypts and saves the Credential object to file
or to Azure KeyVault.
SYNTAX
New-PSCredential [-Username] <String> [-Path] <String> [-CertificateFile] <String> [<CommonParameters>]
New-PSCredential [-Username] <String> [-Path] <String> -Thumbprint <String> [-CertificateStore <String>]
[<CommonParameters>]
New-PSCredential [-Username] <String> -KeyVault <String> -SecretName <String> [<CommonParameters>]
New-PSCredential [-Username] <String> [-Path] <String> -SecureKey <SecureString> [<CommonParameters>]
DESCRIPTION
New-PSCredential is used to create a new PowerShell Credential object [System.Management.Automation.PSCredential]
with the provided username and
a strong random password. The resulting credential object is returned as well as saved to disk or to Azure
KeyVault so that it can be retrieved later.
When saving to disk, the password is encrypted with either a pre-shared key or PKI certificate.
PARAMETERS
-Username <String>
Username to use for the Credential to be created.
Required? true
Position? 2
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Path <String>
Path to the JSON file that will be created to save the encrypted credential.
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-SecureKey <SecureString>
A SecureString that is used as a Pre-Shared-Key for encrypting the credential password.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Thumbprint <String>
The ThumbPrint of a certificate on the local computer that will be used to encrypt the credential password.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-CertificateFile <String>
Path to a .CER certificate public key file that will be used to encrypt the credential password.
Required? true
Position? 2
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-CertificateStore <String>
Specifies the certifcate store of the specified certificate thumbprint. Either LocalMachine or CurrentUser.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-KeyVault <String>
The name of the Azure KeyVault that will be used to store the exported credential.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-SecretName <String>
The name of the Azure KeyVault secret to create that will be used to store the exported credential.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>$Credential = New-PSCredential -Username 'svc.SharePoint.farm' -Path ./savedcredential.json -Thumbprint
'87BB70A19A7671D389F49AF4C9608B2F381FDD80'
New-ADUser -Name $Credential.Username -AccountPassword $Credential.Password -Enabled:$true
Creating a credential to be used as a service account, and creating the account.
RELATED LINKS