U\u017e se V\u00e1m n\u011bkdy stalo, \u017ee jste pot\u0159ebovali opakovan\u011b kop\u00edrovat soubory ze s\u00edt\u011b, t\u0159eba pravideln\u011b jednou za t\u00fdden, ale to \u00falo\u017ei\u0161t\u011b vy\u017eadovalo ov\u011b\u0159en\u00ed.<\/p>\n
Pokud zdroj i c\u00edl m\u00e1te ve stejn\u00e9 dom\u00e9n\u011b, tak to nen\u00ed probl\u00e9m. Sta\u010d\u00ed script, kter\u00fd v\u00e1m soubory bude kop\u00edrovat spustit pod u\u017eivatelem s odpov\u00eddaj\u00edc\u00edmi opr\u00e1vn\u011bn\u00edmi.<\/p>\n
Pokud ale kop\u00edrujete nap\u0159\u00edklad z po\u010d\u00edta\u010de, kter\u00fd nen\u00ed v dom\u00e9n\u011b, nebo je v jin\u00e9 dom\u00e9n\u011b, je to u\u017e trochu hor\u0161\u00ed.<\/p>\n
Samoz\u0159ejm\u011b, \u017ee \u0159e\u0161iteln\u00e9 to je a to hned n\u011bkolika zp\u016fsoby:<\/p>\n
1)\u00a0 budete m\u00edt v r\u00e1mci scriptu u\u017eivatelsk\u00e9 jm\u00e9no a heslo v plaintextu.<\/p>\n
Toto \u0159e\u0161en\u00ed je samoz\u0159ejm\u011b nejjednodu\u0161\u0161\u00ed, ale taky je to celkem nebezpe\u010dn\u00e9. N\u011bkdo se dostane k tomuto scriptu a bude m\u00edt va\u0161e jm\u00e9no a heslo hezky jak na st\u0159\u00edbrn\u00e9m podnose. Nav\u00edc bude moci spustit stejn\u00fd skript odkudkoli se stejn\u00fdmi p\u0159\u00edstupy.<\/p>\n
2) Script zabal\u00edte do EXE souboru a budete spou\u0161t\u011bt p\u0159\u00edmo. Pak budete m\u00edt heslo p\u0159\u00edmo v EXE ale nebude v \u00fapln\u011b \u010diteln\u00e9 podob\u011b.<\/p>\n
Toto \u0159e\u0161en\u00ed je o n\u011bco bezpe\u010dn\u011bj\u0161\u00ed, ale je pot\u0159eba naj\u00edt „konvertor“ kter\u00fd v\u00e1m skript do EXE souboru p\u0159evede. Nav\u00edc, pokud budete pot\u0159ebovat ve skriptu n\u011bco zm\u011bnit, nebo jen pou\u017e\u00edt jin\u00e9 p\u0159ihla\u0161ovac\u00ed \u00fadaje, mus\u00edte prov\u00e9st konverzi znovu. Op\u011bt stejn\u011b jako v minul\u00e9m p\u0159\u00edpad\u011b, pokud tento „skript“ n\u011bkdo zkop\u00edruje, bude m\u00edt p\u0159\u00edstup ke stejn\u00e9 cest\u011b odkudkoli.<\/p>\n
3) ulo\u017eit si heslo \u0161ifrovan\u011b v XML a pak jej opakovan\u011b na\u010d\u00edtat.<\/p>\n
Toto \u0159e\u0161en\u00ed je nejflexibiln\u011bj\u0161\u00ed. Kdykoli se V\u00e1m zm\u011bn\u00ed p\u0159ihla\u0161ovac\u00ed \u00fadaje (platnost hesla apod.) tak pouze uprav\u00edte XML soubor nov\u00fdm heslem a do skriptu nemus\u00edte zasahovat. V\u00fdhodu n\u00e1m v tomto d\u00e1v\u00e1 p\u0159\u00edmo Powershell. Pokud ulo\u017e\u00edm datov\u00fd typ „securestring“ do souboru, automaticky jej za\u0161ifruje, ale tak, \u017ee jej bude moci na\u010d\u00edst pouze ten u\u017eivatel, kter\u00fd jej ulo\u017eil.<\/p>\n
Nakonec to m\u016f\u017ee fungovat n\u00e1sledovn\u011b. Budu m\u00edt pl\u00e1novanou \u00falohu, kterou budu spou\u0161t\u011bt pod \u00fa\u010dtem konkr\u00e9tn\u00edho u\u017eivatele (sv\u00fdm \u00fa\u010dtem). Do vzd\u00e1len\u00e9 slo\u017eky se ale mus\u00edm ov\u011b\u0159it jin\u00fdm \u00fa\u010dtem. Heslo k tomuto \u00fa\u010dtu si za\u0161ifruji a ulo\u017e\u00edm do XML souboru pod sv\u00fdm \u00fa\u010dtem, tak\u017ee si jej nebude moci p\u0159e\u010d\u00edst nikdo jin\u00fd ne\u017e j\u00e1, resp. skript spu\u0161t\u011bn\u00fd v m\u00e9m kontextu.<\/p>\n
Pot\u0159ebuji 2 skripty.<\/p>\n
Prvn\u00ed, kter\u00fd budu pou\u017e\u00edvat k ukl\u00e1d\u00e1n\u00ed hesla do XML<\/p>\n
$Path = \".\\passwd.xml\"\r\n\r\n$Credential = Get-Credential\r\n\r\n$export = \"\" | Select-Object Username, EncryptedPassword\r\n \r\n# Give object a type name which can be identified later\r\n$export.PSObject.TypeNames.Insert(0,\u2019ExportedPSCredential\u2019)\r\n \r\n$export.Username = $Credential.Username\r\n \r\n# Encrypt SecureString password using Data Protection API\r\n# Only the current user account can decrypt this cipher\r\n$export.EncryptedPassword = $Credential.Password | ConvertFrom-SecureString\r\n \r\n# Export using the Export-Clixml cmdlet\r\n$export | Export-Clixml $Path<\/pre>\nA druh\u00fd, kter\u00fd mi heslo p\u0159e\u010dte, p\u0159ihl\u00e1s\u00ed se ke vzd\u00e1len\u00e9 slo\u017ece a vykop\u00edruje mi pot\u0159ebn\u00e9 soubory<\/p>\n
$PWDPath = \".\\passwd.xml\"\r\n$NetworkMap = \"\\\\192.168.5.10\\Lic\"\r\n$SourceFile = \"\\\\192.168.5.10\\Lic\\Licenses.txt\"\r\n$DestinationFile = \"C:\\Materials\\Licenses\\Licenses.txt\"\r\n\r\n$import = Import-Clixml $PWDPath\r\n \r\n# Test for valid import\r\nif ( !$import.UserName -or !$import.EncryptedPassword ) {\r\n Throw \"Input is not a valid ExportedPSCredential object, exiting.\"\r\n exit\r\n}\r\n$Username = $import.Username\r\n \r\n# Decrypt the password and store as a SecureString object for safekeeping\r\ntry {\r\n $SecurePass = $import.EncryptedPassword | ConvertTo-SecureString\r\n }\r\n catch\r\n {\r\n }\r\nif ($SecurePass -eq $null) {\r\n echo \"Bad pass\"\r\n exit\r\n}\r\n# Build the new credential object\r\n$Credential = New-Object System.Management.Automation.PSCredential $Username, $SecurePass\r\n$net = new-object -ComObject Wscript.Network\r\n# Map network share with credentials\r\n$net.MapNetworkDrive(\"\",$NetworkMap,$false,$UserName, ($Credential.GetNetworkCredential().Password))\r\n\r\nCopy-Item $SourceFile $DestinationFile -Force\r\n\r\n# Unmap network share\r\n$net.RemoveNetworkDrive($NetworkMap,0)<\/pre>\nPak u\u017e jen vyexportovat u\u017eivatelsk\u00e9 jm\u00e9no a heslo do XML pomoc\u00ed prvn\u00edho skriptu a druh\u00fd script nastavit v pl\u00e1nova\u010di aby se spou\u0161t\u011bl pod Va\u0161\u00edm \u00fa\u010dtem v pl\u00e1novan\u00fd \u010das \ud83d\ude42<\/p>","protected":false},"excerpt":{"rendered":"
U\u017e se V\u00e1m n\u011bkdy stalo, \u017ee jste pot\u0159ebovali opakovan\u011b kop\u00edrovat soubory ze s\u00edt\u011b, t\u0159eba pravideln\u011b jednou za t\u00fdden, ale to \u00falo\u017ei\u0161t\u011b vy\u017eadovalo ov\u011b\u0159en\u00ed. Pokud zdroj…<\/p>\n