{"id":16480896,"url":"https://github.com/ramblingcookiemonster/secretserver","last_synced_at":"2025-03-21T07:30:30.316Z","repository":{"id":24984558,"uuid":"28403056","full_name":"RamblingCookieMonster/SecretServer","owner":"RamblingCookieMonster","description":"Secret Server PowerShell Module","archived":false,"fork":false,"pushed_at":"2016-09-26T04:21:42.000Z","size":320,"stargazers_count":87,"open_issues_count":9,"forks_count":28,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-03-01T03:51:15.045Z","etag":null,"topics":["password-manager","powershell","powershell-modules","secret","secret-management","secret-server","secrets"],"latest_commit_sha":null,"homepage":null,"language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RamblingCookieMonster.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-12-23T14:47:37.000Z","updated_at":"2024-04-13T17:32:49.000Z","dependencies_parsed_at":"2022-08-20T18:40:49.759Z","dependency_job_id":null,"html_url":"https://github.com/RamblingCookieMonster/SecretServer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RamblingCookieMonster%2FSecretServer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RamblingCookieMonster%2FSecretServer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RamblingCookieMonster%2FSecretServer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RamblingCookieMonster%2FSecretServer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RamblingCookieMonster","download_url":"https://codeload.github.com/RamblingCookieMonster/SecretServer/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244118837,"owners_count":20400928,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["password-manager","powershell","powershell-modules","secret","secret-management","secret-server","secrets"],"created_at":"2024-10-11T13:05:40.800Z","updated_at":"2025-03-21T07:30:30.014Z","avatar_url":"https://github.com/RamblingCookieMonster.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"Secret Server PowerShell Module\n=============\n\nThis is a PowerShell module for working with Thycotic Secret Server's web services.  If you use this module, check in every so often, there will be regular updates.\n\nThis is a quick and dirty implementation based on my environment's configuration.  Contributions to improve this would be more than welcome!\n\nSome caveats:\n\n * We do not go out of the way to cover a variety of templates or customizations to templates.  Contributions welcome.  This is on my list but low priority.\n * A number of shortcuts have been taken given that this is a fast publish.  Addressing these is on my list.\n   * Limited testing, limited validation of edge case scenarios\n   * Limited error handling\n   * Limited comment based help and examples (some may be outdated)\n   * Limited explanation for configuring your environment to use functions that rely on T-SQL.\n\n#Functionality\n\nSearch for secrets without triggering an audit:\n  * ![Search for secrets without triggering an audit](/Media/Get-Secret.png)\n\nExtract Secure String password and PSCredential credential object from secrets:\n  * ![Extract Secure String password and PSCredential credential object from secrets](/Media/Get-SecretCred.png)\n\nFind folders:\n  * ![List out folders](/Media/Get-Folder.png)\n\nFind templates:\n  * ![Find templates](/Media/Get-Template.png)\n\nCreate new secrets:\n  * ![Create new secrets](/Media/New-Secret.png)\n\nChange existing secrets:\n  * ![Change existing secrets](/Media/Set-Secret.png)\n\nFind permissions for a secret:\n  * ![Find permissions for a secret](/Media/Get-SecretPermission.png)\n\nList secret audit activity:\n  * ![List secret audit activity](/Media/Get-SecretAudit.png)\n\nGet Secret Activity directly from the database:\n  * ![Get Secret Activity directly from the database](/Media/Get-SecretActivity.png)\n\nGet connected:\n  * ![Get connected](/Media/GetConnected.png)\n\n#Prerequisites\n\n * You must be using Windows PowerShell 3 or later on the system running this module\n * You must enable Secret Server Web Services ahead of time.  See [product documentation](http://thycotic.com/products/secret-server/support-2/) for instructions.\n * You must enable Integrated Windows Authentication for Secret Server.  This may change.  See [product documentation](http://support.thycotic.com/kb/a90/setting-up-integrated-windows-authentication.aspx) for instructions.\n * We serialize a default Uri and proxy to SecretServerConfig.xml in the module path - you must have access to that path for this functionality\n * The account running these functions must have appropriate access to Secret Server\n * For the T-SQL commands, I assume you can delegate privileges and create a secure way to invoke these.  Consider running these from a constrained, delegated endpoint to avoid unnecessary privileges in the Secret Server database.\n * Module folder downloaded, unblocked, extracted, available to import\n\n#Instructions\n\n```powershell\n#One time setup:\n    #Download the repository\n    #Unblock the zip file\n    #Extract SecretServer folder to a module path (e.g. $env:USERPROFILE\\Documents\\WindowsPowerShell\\Modules\\)\n\n#Each PowerShell session\n    Import-Module SecretServer  #Alternatively, Import-Module \"\\\\Path\\To\\SecretServer\"\n\n#List commands in the module\n    Get-Command -Module SecretServer\n\n#Get help for a command\n    Get-Help New-SSConnection -Full\n\n#Optional one time step: Set default Uri, create default proxy\n    Set-SecretServerConfig -Uri https://FQDN.TO.SECRETSERVER/winauthwebservices/sswinauthwebservice.asmx\n    New-SSConnection #Uses Uri we just set by default\n\n#Get help for Get-Secret\n    Get-Help Get-Secret -Full\n\n#List a summary of all secrets\n    Get-Secret\n\n#Convert stored secret to a credential object you can use in a variety of scenarios\n    $Credential = (Get-Secret -SearchTerm SVC-WebCommander -as Credential ).Credential\n    $Credential\n\n    \u003c#\n        UserName : My.Domain\\SVC-WebCommander\n        Password : System.Security.SecureString\n    #\u003e\n\n#List commands that directly hit the SQL database\n    Get-Command -Module SecretServer -ParameterName ServerInstance |\n        Where {$_.Name -notlike \"*SecretServerConfig\"}\n```\n\n# Changelog\n\n* 03/24/2016 Changes by Ryan Bushe\n  * NEW: Connect-SecretServer Prompts you for credentials and includes support for connecting with RADIUS\n  * NEW: Copy-SSPassword Using Get-Secret as the backend will prompt the user to select a specific secret and copy the password to the users clip board\n  * UPDATE: Added use of Token when supplied or in the SecretServerConfig for all functions using Secret Server's web services\n  * UPDATE: Restructured the layout of the functions and used [ConvertTo-Module](https://github.com/martin9700/ConvertTo-Module) to build the module file for faster loading\n  * UPDATE: Made settings final include the current user name for use by multiple users\n  * UPDATE: Moved file initialization into Get-SecretServerConfig\n  * UPDATE: Moved proxy initialization into Connect-SecretServer\n\n# Aside\n\nOn an aside, if you don't have a password management solution in place, definitely take a look at [Secret Server](http://thycotic.com/products/secret-server/compare-installed-editions/).\n\nI've been impressed with the product, documentation, and support.  It's one of those products that just works, and works well.  If you're a non-profit, you'll save a bit...\n\nProject Status, 1/17/2016: I no longer work with or have access to Secret Server. Feel free to fork this or use it as needed, but there will likely be no further development, barring external contributions.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Framblingcookiemonster%2Fsecretserver","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Framblingcookiemonster%2Fsecretserver","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Framblingcookiemonster%2Fsecretserver/lists"}