Unable to reference Secret Variable

Hey everyone,

I seem to be having trouble loading a secret variable stored in the DefaultVault. I have a variable called PasswordResetAC which I would use as an elevation account for resetting an AD account. When the reset triggers from the dashboard, I receive an error about the method for the credential not being implemented. After some more testing, i found that the secret variable was empty. I confirmed this by splatting the variable to a UDToast. I have tried removing, and recreating the variable with different names. I even blew away the variables ps1 and had the system recreate. In case it is helpful, here is the section of code i am using (note: the AD controller is omitted intentionally)


 [pscredential]$pscred = $PasswordResetAC
 $SecPassword = $eventData.TestPassword | convertto-Securestring -asplaintext

 $accountname = ""


 if ($User.contains("@"))
 {
         $accountname = $user.split("@")[0]
 }
elseif($user.contains("\"))
{
      $accountname = $user.split("\")[1]
}

try
{
     Set-ADAccountPassword -Server [active directory controller]  -Identity $accountname -NewPassword $SecPassword  -Credential $pscred -verbose
     set-Udelement -id 'Results' -content {
              New-UDCard -content {
                     New-UDAlert -Severity 'success' -content {"Password successfully reset for TEST\$accountname"}
               }
    }
}
catch
{
       set-Udelement -id 'Results' -content {
             New-UDCard -content {
                    New-UDAlert -Severity 'error' -content {"Password could not be set for TEST\$accountname $($error[0])"}
                    }
         }
   }
 }

here is what the Variable page looks like:

I appreciate any insight you guys can provide!

Thanks, Evan

Product: PowerShell Universal
Version: 2.3.0, Service install

Are you running the job as alternate credentials at all? Or just kicking it off as the default?

Hey Adam,

The dashboard is running in the Default Run-As Context:

If it helps at all, the Powershell Universal Service its self is running as a different Domain user.

let me know if you have any other questions!

Thanks,

Evan

Ok. Then I would expect you to be able to read the secrets since it’s the same user account for both the admin console and the dashboard. Have you configured your environments at all? I ask because if the Variables aren’t set to * then it won’t include all the variables.

Hey Adam, thanks for the suggestion! I verified that the wildcard was set for the variables in the environment section. I was not sure which environment “default” aligned with, so i changed the dashboard to use the 7.1.3 pwsh env and as soon as i did that, the parameter populated! thanks again for your insight!

1 Like