Skip to content

User-defined scripts⚓︎

Individual solutions using your own scripts⚓︎

If your requirements cannot be met using the supplied scripts, it is also possible to create your own Powershell scripts. These scripts need to meet certain requirements to be used in Password Secure.

Storage location, name and call⚓︎

The scripts must be saved in the following directory: C:\ProgramData\MATESO\Password Safe and Repository Service\System\PowerShell

The scripts are saved in the format.ps1.

Structure of the scripts⚓︎

The PowerShell scripts must have the following structure:

RunScript function⚓︎

Password Secure always calls the RunScript function.

function RunScript
param (
        [String]$HostName,
        [String]$UserName,
        [String]$NewPassword,
        [String]$CredentialsUserName,
        [Security.SecureString]$CredentialsPassword
    )

The following standard parameters can be used here:

  • UserName: The user name for which the password should be changed
  • Password: The password that should be reset
  • CredentialsUserName: The user name of the user authorized to carry our the reset (e.g. administrator)
  • CredentialsPassword: The password of the authorized user

Scriptblock⚓︎

The scriptblock can be used when the script should run in the context of another user. The actual change is then carried out in the scriptblock.

It is important in this case that you provide Password Secure with feedback about what has been changed via a Write-Output. The following example simply uses the outputs true or false. However, it is also conceivable that an error message or similar is output.

    $scriptBlock = {param ($UserName, $Password)
    // Make changes to SAP
    if($OK) {
        Write-Output "true"
    } else {
        Write-Output "false"
    }

Naturally, CredentialsUserName and CredentialsPassword can also be directly used in the script (i.e. without the scriptblock). You can view the supplied MSSQL script as an example.

Invoke⚓︎

A credential then still needs to be created. This is then transferred to the scriptblock using the invoke command. It is also important in this case to provide Password Secure with feedback about all errors via Write-Output or throw [System.Exception].

Last update: 2022-09-05
Created: 2022-09-05