ge-aerospace/powershell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
62c0c7bb06fa5cf497b782979b9a329ef58afcd1
powershell-scripts/winrm-https/deployment-package/README-AUTO-PASSWORD.txt
cproudlock 62c0c7bb06 Initial commit: Organized PowerShell scripts for ShopDB asset collection 
Structure:
- asset-collection/: Local PC data collection scripts
- remote-execution/: WinRM remote execution scripts
- setup-utilities/: Configuration and testing utilities
- registry-backup/: GE registry backup scripts
- winrm-https/: WinRM HTTPS certificate setup
- docs/: Complete documentation

Each folder includes a README with detailed documentation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-10 10:57:54 -05:00

110 lines
3.6 KiB
Plaintext
Raw Blame History

================================================================================
AUTO-PASSWORD VERSION - FOR TESTING ONLY
================================================================================
FILE: Deploy-WinRM-HTTPS-AutoPassword.bat
This version contains the certificate password HARDCODED in the batch file.
================================================================================
WARNING - SECURITY RISK
================================================================================
This file should ONLY be used for:
- Initial testing on a few PCs
- Lab/development environments
- Quick proof-of-concept deployments
DO NOT USE for production deployment!
Risks:
- Password is visible in PLAINTEXT in the batch file
- Anyone who can read the file can see the password
- Password may be logged in command history
- Not compliant with security policies
================================================================================
HOW TO USE
================================================================================
1. Open Deploy-WinRM-HTTPS-AutoPassword.bat in Notepad
2. Find this line (around line 82):
set "CERT_PASSWORD=XqHuyaLZSyCYEcpsMz6h5"
3. Change to your actual password if different
4. Save the file
5. Run as Administrator:
Right-click Deploy-WinRM-HTTPS-AutoPassword.bat
Select "Run as Administrator"
6. No password prompt - it will use the hardcoded password!
================================================================================
AFTER TESTING
================================================================================
Once you've verified the deployment works:
1. Switch to the secure version: Deploy-WinRM-HTTPS.bat
(This version prompts for password securely)
2. DELETE Deploy-WinRM-HTTPS-AutoPassword.bat from network share
(To prevent unauthorized access)
3. For automation, use secure credential storage:
See: SECURE_CREDENTIAL_MANAGEMENT.md
================================================================================
PRODUCTION DEPLOYMENT
================================================================================
For production, use ONE of these methods:
Option 1: Interactive (Manual Deployment)
Use: Deploy-WinRM-HTTPS.bat
- Prompts for password each time
- Most secure for manual deployment
Option 2: Encrypted Credentials (Automated)
- Store password encrypted with Export-Clixml
- See: SECURE_CREDENTIAL_MANAGEMENT.md
Option 3: Windows Credential Manager (Service Accounts)
- Use credentialmanager module
- Best for scheduled tasks
================================================================================
TESTING CHECKLIST
================================================================================
[ ] Test on 1-2 PCs with auto-password version
[ ] Verify HTTPS listener created successfully
[ ] Test remote connection from management server
[ ] Verify logging works correctly
[ ] Review log files for any errors
Once successful:
[ ] Delete auto-password version from share
[ ] Switch to secure version for remaining PCs
[ ] Document deployment process
[ ] Update asset inventory
================================================================================
FILE COMPARISON
================================================================================
Deploy-WinRM-HTTPS.bat (SECURE)
- Prompts for password
- Password not stored anywhere
- Recommended for production
Deploy-WinRM-HTTPS-AutoPassword.bat (TESTING ONLY)
- Password hardcoded in file
- No password prompt
- Use for testing only
================================================================================
Reference in New Issue View Git Blame Copy Permalink