Start a new topic

Passwordstate Password Integration

Sorry wasn't sure where to put this.


I've created a script to integrated with Passwordstate for password retrieval. (attached)


It requires use of my PasswordState-management powershell module to use. Details here: https://github.com/dnewsholme/PasswordState-Management


Powershell Gallery Link: https://www.powershellgallery.com/packages/passwordstate-management/2.0.0


Feel free to use/alter as you like.



image




Hope it helps.



rdfe

Hi Daryl,


that is so awesome! Thanks for shareing your script. I've moved it to the toolbox forum here on our support portal.


In general, we do keep those sample scripts on github here:

https://www.royalapplications.com/go/dynamicfolder-samples


If you have a github account and if you are familiar with pull requests, feel free to create one with your script.


If not, let us know and we will take care of that.


Thanks agian for your contribution!

No problem. I've sent over the pull request.

Awesome, thank you. We will review it next week and continue the conversation over at github. Thanks again for the contribution!

So I have this working and its fantastic but I was wondering if its possible to group by the folders and organisation that is present in passwordstate, it just gives me a huge list of passwords without any structure (we have ours grouped in folders and password list)

I have modified the code to get it grouped by folder, I had one other thing thats bugging me, when I create the dynamic folder give it a name, add the code and it creates a sub folder named "PasswordState" inside the first folder and that folder is not persistent with its settings if I enable auto refresh for example it fails to update it when I close/Open RoyalTS also the sub folder is slightly frustrating.


Is there any way I can contribute the modified code to group by folder in anyway?

I've updated the code to work with the latest module version and sort by folder.

The pull request should be merged by the royal ts team in the next couple of days.

https://github.com/royalapplications/toolbox/pull/18


Until then you can grab it from my fork.


https://github.com/dnewsholme/toolbox/blob/master/Dynamic%20Folder/PasswordState/PasswordState.rdfe



1 person likes this

Great work thanks, I realised what I had done wrong in regards to the sub folder, I pasted the code in myself rather than importing it so all is good now.

I just merged the pull request. Thanks, Daryl. I really appreciate your contribution!

Thanks for getting this to work fellas.


Out of curiosity - is it by design that when you close out of the TS document that the passwordstate credentials do not save to the individual connections?  It seems I get an [unknown credential] whenever I reopen my TS file and would have to re-assign credentials each time.


Curious to know if there's any way around that or if I'm not doing something right - if it's not by design.


Thanks!

Use "Specify a credential name" rather than selecting it from the list that way when the password list refreshes as long as the name is the same it will use it correctly, if the name changes you will run into issues

That's a good workaround if you can work with credential names. The reason for this is that the credential id is stored in the connection. Depending on the PAM system, the dynamic folder script cannot always ensure the same id is generated for the same object. If you are using a PAM where the object id of the credential is a GUID, you can use the same GUID in the JSON output for the credential. In this case you can assign the credential to the connection directly. Some PAM systems do not use GUIDs for their object IDs and in this case a new GUID might be generated.

Yeah I have had issues when closing and opening it when the credential was saved directly to the connection but so far never had a problem with using the credential name, works every time for me (provided the connection to the PAM is working)

Thanks, Fellas. Worked out great!

@daryl or @Matthew - Are either of you still using PasswordState and have you upgraded to v9 yet? I'm running into an error with the PowerShell script @daryl attached to this post and it was working PasswordState v8.


Error

 

Cannot convert value "@{PasswordListID=20; PasswordList=Location2; TreePath=\Location1\Location2; PasswordID=725; Title=NAME-OF-ENTRY; Domain=;

HostName=; UserName=ACCOUNT; Description=; GenericField1=; GenericField2=; GenericField3=; GenericField4=; GenericField5=;

GenericField6=; GenericField7=; GenericField8=; GenericField9=; GenericField10=; GenericFieldInfo=System.Object[]; AccountTypeID=0; Notes=;

URL=https://somewebsite; Password=CREDENTIAL; ExpiryDate=; AllowExport=True; AccountType=; OTP=}" to type

"PasswordResult".

 



Current Dynamic Folder PowerShell Script

  

$ErrorActionPreference = "Stop"
$results = Get-PasswordStatePassword -preventauditing
$credentials = @()
foreach ($item in $results) {
    if ($item.Notes -like "-----BEGIN RSA PRIVATE KEY----*") {
        $credentials += [pscustomobject]@{
            Type           = "Credential"
            Name           = $item.Title
            Username       = $item.Username
            Password       = $item.GetPassword()
            ID             = $item.PasswordID
            KeyFileContent = $item.Notes
			Path = $item.TreePath
        }
  
    }
    else {
        $credentials += [pscustomobject]@{
            Type     = "Credential"
            Name     = $item.Title
            Username = $item.Username
            Password = $item.GetPassword()
            ID       = $item.PasswordID
			Path = $item.TreePath
        }
   
    }
}


$final = [pscustomobject]@{
    Objects = $credentials
}
$final | ConvertTo-Json -Depth 100 | Write-Output

  

Login or Signup to post a comment