copy-item With Alternate Credentials

Question

I m using the CTP of powershell v2  I have a script written that needs to go out to various network shares in our dmz and copy some files  However  the issue I have is that evidently powershell s cmdlets such as copy-item  test-path  etc do not support alternate credentials     Anyone have a suggestion on how best to accomplish my task

User · Answer

PowerShell 3 0 now supports for credentials on the FileSystem provider  To use alternate credentials  simply use the Credential parameter on the New-PSDrive cmdlet  PS  gt  New-PSDrive -Name J -PSProvider FileSystem -Root   server001 sharename -Credential mydomain travisj -Persist   After this command you can now access the newly created drive and do other operations including copy or move files like normal drive  here is the full solution    Source    C  Downloads myfile txt   Dest        10 149 12 162 c  skumar   Username    administrator   Password   ConvertTo-SecureString  Complex Passw0rd  -AsPlainText -Force  mycreds   New-Object System Management Automation PSCredential  Username   Password   New-PSDrive -Name J -PSProvider FileSystem -Root  Dest -Credential  mycreds -Persist Copy-Item -Path  Source -Destination  J  myfile txt

User · Answer

I have encountered this recently  and in the most recent versions of Powershell there is a new BitsTransfer Module  which allows file transfers using BITS  and supports the use of the -Credential parameter   The following sample shows how to use the BitsTransfer module to copy a file from a network share to a local machine  using a specified PSCredential object   Import-Module bitstransfer  cred   Get-Credential  sourcePath     server example file txt  destPath   C  Local Destination  Start-BitsTransfer -Source  sourcePath -Destination  destPath -Credential  cred   Another way to handle this is using the standard  net use  command  This command  however  does not support a  securestring  password  so after obtaining the credential object  you have to get a decrypted version of the password to pass to the  net use  command    cred   Get-Credential  networkCred    cred GetNetworkCredential   net use   server example   networkCred Password  USER  networkCred UserName Copy-Item   server example file txt C  Local Destination

User · Answer

You should be able to pass whatever credentials you want to the -Credential parameter  So something like    cred   Get-Credential   Enter the credentials   Copy-Item -Path  from -Destination  to -Credential  cred

User · Answer

Here s my script that runs as LocalSystem on a machine  but needs credentials of a domaim user to access a network file location   It allows you to store the user s password in a  safe-ish  encrypted file  that can only be read by the user that wrote it   Setting and changing the password is done by copying a file with the plaintext password in it to the machine   When the script is next run it reads the password  encrypts it  then deletes the plaintext password    plaintext password file    C  plaintext txt    Stores the password in plain text - only used once  then deleted  encryted password file    C  copy pass txt     Stores the password in  safe  encrypted form - used for subsequent runs of the script                                                   - can only be decrypted by the windows user that wrote it  file copy user    OURDOMAIN A User     Check to see if there is a new plaintext password if  Test-Path  plaintext password file          Read in plaintext password  convert to a secure-string  convert to an encrypted-string  and write out  for use later     get-content  plaintext password file   convertto-securestring -asplaintext -force   convertfrom-securestring   out-file  encryted password file       Now we have encrypted password  remove plain text for safety     Remove-Item  plaintext password file       Read in the encrypted password  convert to a secure-string  pass   get-content  encryted password file   convertto-securestring    create a credential object for the other user  using username and password stored in secure-string  credentials   new-object -typename System Management Automation PSCredential -argumentlist  file copy user  pass    Connect to network file location as the other user and map to drive J  New-PSDrive -Name J -PSProvider FileSystem -Root    network file directory  -Credential  credentials    Copy the file to J  Copy-Item -Force -Verbose -Path  C  a file txt  -Destination  J      As an extra refinement  The username could also be encrypted as well  rather than hardcoded

User · Answer

The newer verion of PowerShell handles this and the MS Documentation has a great example of copying a file with different credentials here  Session   New-PSSession -ComputerName  quot Server02 quot  -Credential  quot Contoso User01 quot  Copy-Item  quot D  Folder002  quot  -Destination  quot C  Folder002 Copy  quot  -ToSession  Session

User · Answer

Here is a post where someone got it to work  It looks like it requires a registry change

User · Answer

Bringing this back from the dead again  I got around a similar credentials problem by wrapping the  ps1 in a batch file and doing the Win7  Shift   r Click RunAs  If you wanted to  you can also use PsExec thus   psexec exe  accepteula  h  u user  p pwd cmd  c  echo    powershell exe -File script ps1

User · Answer

I know that PowerShell 3 supports this out of the box now  but for the record  if you re stuck on PowerShell 2  you basically have to either use the legacy net use command  as suggested by several others   or the Impersonation module that I wrote awhile back specifically to address this

User · Answer

I would try to map a drive to the remote system  using  net use  or WshNetwork MapNetworkDrive  both methods support credentials  and then use copy-item

User · Answer

that evidently powershell s cmdlets such as copy-item  test-path  etc do not support alternate credentials      It looks like they do here  copy-item certainly includes a -Credential parameter    PS C    gcm -syn copy-item Copy-Item  -Path   lt String      -Destination   lt String    -Container   -Force   -Filter  lt String    -I nclude  lt String      -Exclude  lt String      -Recurse   -PassThru   -Credential  lt PSCredential

User · Answer

This question addresses a very related issue that may help using network shares in powershell

User · Answer

Since PowerShell doesn t support  -Credential  usage via many of the cmdlets  very annoying   and mapping a network drive via WMI proved to be very unreliable in PS  I found  pre-caching the user credentials via a net use command to work quite well     cache credentials for our network path net use   server C   password  USER  username   Any operation that uses   server C  in the path seems to work using the  -item cmdlets   You can also delete the share when you re done   net use   server C   delete

User · Answer

This is an old question but I m just updating it for future finders   PowerShell v3 now supports using the -Credential parameter for filesystem operations   Hope this helps others searching for the same solution

[powershell] copy-item With Alternate Credentials

Examples related to powershell

Examples related to powershell-2.0