[4.0.2]
I have a Script
param(
[Parameter(Mandatory)]
[string]$UserName,
[Parameter(Mandatory)]
[string]$Description,
[Parameter(Mandatory)]
[SecureString]$Password
)
New-ADUser -CannotChangePassword $True -PasswordNeverExpires $True -GivenName "$UserName" -Name "$UserName" -SamAccountName "$UserName" -Path "..." -Description "$Description" -Credential (Get-GMSACredential ...) -Enabled $True **-AccountPassword $Password** -UserPrincipalName "$UserName@..." -DisplayName "$UserName"
If I run this manually, it works.
If I run it using programatically from a UDStepper
function New-ESASMTPserviceAccount {
param (
[Parameter(Mandatory)] [string]$Username,
[Parameter(Mandatory)] [string]$Description,
[Parameter(Mandatory)] [SecureString]$Password
)
Invoke-PSUScript $Script -username $Username -Description $Description -Password $Password -Integrated | Tee-Object -Variable job | Wait-PSUJob -Integrated
}
...
New-ESASMTPserviceAccount -Username $Context.Context.txtStep1Username -Description $Context.Context.txtStep1Description -Password (ConvertTo-SecureString -String $Context.Context.txtStep1Password -AsPlainText -Force)
I get:
Unable to cast object of type ‘System.Security.SecureString’ to type ‘System.String’. as en error on the script job.
If I change all the [SecureString]$Password to [string]$Password parameters in the script and function, pass the password in plaintext, and instead do “-Password (ConvertTo-SecureString -String $Password -AsPlainText -Force)” on new-ADUser is works as expected.
I’m not sure how to diagnose this, it feels like PSU doesnt want to accept a securestring as a parameter programatically on a script.
I’m pretty sure that this worked on 3.8.12 