================================================================================ AUTO-PASSWORD VERSION - FOR TESTING ONLY ================================================================================ FILE: Deploy-WinRM-HTTPS-AutoPassword.bat This version contains the certificate password HARDCODED in the batch file. ================================================================================ WARNING - SECURITY RISK ================================================================================ This file should ONLY be used for: - Initial testing on a few PCs - Lab/development environments - Quick proof-of-concept deployments DO NOT USE for production deployment! Risks: - Password is visible in PLAINTEXT in the batch file - Anyone who can read the file can see the password - Password may be logged in command history - Not compliant with security policies ================================================================================ HOW TO USE ================================================================================ 1. Open Deploy-WinRM-HTTPS-AutoPassword.bat in Notepad 2. Find this line (around line 82): set "CERT_PASSWORD=XqHuyaLZSyCYEcpsMz6h5" 3. Change to your actual password if different 4. Save the file 5. Run as Administrator: Right-click Deploy-WinRM-HTTPS-AutoPassword.bat Select "Run as Administrator" 6. No password prompt - it will use the hardcoded password! ================================================================================ AFTER TESTING ================================================================================ Once you've verified the deployment works: 1. Switch to the secure version: Deploy-WinRM-HTTPS.bat (This version prompts for password securely) 2. DELETE Deploy-WinRM-HTTPS-AutoPassword.bat from network share (To prevent unauthorized access) 3. For automation, use secure credential storage: See: SECURE_CREDENTIAL_MANAGEMENT.md ================================================================================ PRODUCTION DEPLOYMENT ================================================================================ For production, use ONE of these methods: Option 1: Interactive (Manual Deployment) Use: Deploy-WinRM-HTTPS.bat - Prompts for password each time - Most secure for manual deployment Option 2: Encrypted Credentials (Automated) - Store password encrypted with Export-Clixml - See: SECURE_CREDENTIAL_MANAGEMENT.md Option 3: Windows Credential Manager (Service Accounts) - Use credentialmanager module - Best for scheduled tasks ================================================================================ TESTING CHECKLIST ================================================================================ [ ] Test on 1-2 PCs with auto-password version [ ] Verify HTTPS listener created successfully [ ] Test remote connection from management server [ ] Verify logging works correctly [ ] Review log files for any errors Once successful: [ ] Delete auto-password version from share [ ] Switch to secure version for remaining PCs [ ] Document deployment process [ ] Update asset inventory ================================================================================ FILE COMPARISON ================================================================================ Deploy-WinRM-HTTPS.bat (SECURE) - Prompts for password - Password not stored anywhere - Recommended for production Deploy-WinRM-HTTPS-AutoPassword.bat (TESTING ONLY) - Password hardcoded in file - No password prompt - Use for testing only ================================================================================