Hey all,
If you are like me and are running Rundeck against Windows nodes and burying your head in the sand due to issues passing creds to remote computers (AD, SQL, etc), then my workaround will help get past the multi-hop credential issues.
- Rundeck job triggers primary PowerShell script "TaskBuilder.ps1"
- job options passed to script as parameters
- "TaskBuilder.ps1" builds a Scheduled Task and injects the credentials of the service account making the query to allow Run Whether User is Logged In or Not
- Job built executes actual script defined with job parameters, outputs results onto text file
- "TaskBuilder.ps1" waits for scheduled task to complete, then reads the results file using Get-Content to show results in Rundeck log output
- "TaskBuilder.ps1" unregisters created task and cleans up results files
The password is stored in a text file readable only by the service account accessing it and myself to debug. Permissions are set via standard file ACL in Windows, keeping it safe from prying eyes.
Tested against Active Directory and SQL boxes that were previously not receiving the credentials when passed straight to the querying script.
Hope this helps some folks in the same situation as me! Cheers
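
The flow described in the steps above, written out as an added example; it is not the poster's TaskBuilder.ps1. The parameter names, the `Rundeck-<guid>` task name, the results path and the allow-list pattern for job options are all assumptions. It also checks the password file's ACL before reading it and removes the task in a `finally` block, since the registered task holds the stored credential.

```powershell
# Added sketch of the described TaskBuilder.ps1 flow; every name and path is an assumption.
param(
    [Parameter(Mandatory)] [ValidateScript({ Test-Path $_ -PathType Leaf })]
    [string] $ScriptPath,                              # script the task should run
    [ValidatePattern('^[\w \-\.=,:\\]*\z')]            # allow-list: no quotes, ;, |, &, $, backticks, newlines
    [string] $ScriptArgs = '',                         # Rundeck job options, passed through
    [Parameter(Mandatory)] [string] $ServiceAccount,   # placeholder, e.g. 'DOMAIN\svc-rundeck'
    [Parameter(Mandatory)] [string] $PasswordFile,     # ACL-restricted text file
    [int] $TimeoutSeconds = 300
)
$ErrorActionPreference = 'Stop'

# Stop if a broad group holds an allow ACE on the password file.
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'
$loose = (Get-Acl -Path $PasswordFile).Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and $broad -contains $_.IdentityReference.Value
}
if ($loose) { throw "Password file ACL is too permissive: $PasswordFile" }

$taskName   = "Rundeck-$([guid]::NewGuid().ToString('N'))"
$resultFile = Join-Path $env:TEMP "$taskName.txt"      # assumes the task account can write here
try {
    # The task runs the real script and redirects all output streams to the results file.
    $inner  = "& '$($ScriptPath.Replace("'", "''"))' $ScriptArgs *> '$resultFile'"
    $action = New-ScheduledTaskAction -Execute 'powershell.exe' `
        -Argument "-NoProfile -NonInteractive -Command `"$inner`""

    # -User with -Password registers the task to run whether or not the user is logged on.
    $password = (Get-Content -Path $PasswordFile -TotalCount 1).Trim()
    Register-ScheduledTask -TaskName $taskName -Action $action `
        -User $ServiceAccount -Password $password | Out-Null
    Start-ScheduledTask -TaskName $taskName

    # Poll until the task is back in the Ready state or the timeout expires.
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    do {
        Start-Sleep -Seconds 2
        $state = (Get-ScheduledTask -TaskName $taskName).State
    } while ($state -ne 'Ready' -and (Get-Date) -lt $deadline)
    if ($state -ne 'Ready') { Stop-ScheduledTask -TaskName $taskName; throw 'Task timed out' }
    if (Test-Path $resultFile) { Get-Content -Path $resultFile }   # lands in the Rundeck log
    $code = (Get-ScheduledTaskInfo -TaskName $taskName).LastTaskResult
    if ($code -ne 0) { throw "Task exited with code $code" }
}
finally {
    # Always remove the task (it holds the stored credential) and the results file.
    Unregister-ScheduledTask -TaskName $taskName -Confirm:$false -ErrorAction SilentlyContinue
    Remove-Item -Path $resultFile -Force -ErrorAction SilentlyContinue
}
```

The service account needs the "Log on as a batch job" right for a task registered this way to start. The ACL check covers only three well-known broad groups, so review the full ACL separately.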