Hi, how can I read the content of a local text file within a powershell script in a custom sensor?
I'm currently stuck while trying to read an encrypted password from local text file, specifically with the get-content command, the line is stated as follows:
$pass = get-content "C:\passlib\admpass.txt" | convertto-securestring
When the script is executed in a local powershell console works like a charm, but once it is included into the sensor the next message is displayed:
This sensor requires the PowerShell 2.0 (or higher) to be installed on the probe system. (convertto-securestring : The system cannot find the file specified. At C:\Program Files (x86)\PRTG Network Monitor\custom sensors\EXEXML\custsensor.ps1:8 char:59 + $admpass = get-content "C:\passlib\admpass.txt" | convertto-securestring + ~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], C ryptographicException + FullyQualifiedErrorId : ImportSecureString_InvalidArgument_Cryptographic Error,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand new-object : Exception calling ".ctor" with "2" argument(s): "Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value." At C:\Program Files (x86)\PRTG Network Monitor\custom sensors\EXEXML\custsensor.ps1:9 char:12 + ...
I've read in other threads that some times (don't know why) it works to set the path as follows "C$\passlib\admpass.txt", did the proper, and got the following message:
This sensor requires the PowerShell 2.0 (or higher) to be installed on the probe system. (get-content : Cannot find path 'C:\Windows\system32\C$\passlib\admpass.txt' because it does not exist. At C:\Program Files (x86)\PRTG Network Monitor\custom sensors\EXEXML\custsensor.ps1:8 char:12 + $pass = get-content "C$\passlib\admpass.txt" | convertto-securestring + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (C:\Windows\syst...pass.t xt:String) [Get-Content], ItemNotFoundException + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCo ntentCommand new-object : Exception calling ".ctor" with "2" argument(s): "Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value." At C:\Program Files (x86)\PRTG Network Monitor\custom sensors\EXEXML\custsensor.ps1:9 char:12 + $admcred = new-object -typename System.Management.Automation.PSCredential -argum ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ + CategoryInfo : InvalidOperation: (:) [New-Object], MethodInvoca tionException + FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.Power Shell.Commands.NewObjectCommand Invoke-Command : Cannot process argument transformation on parameter 'Credential'. Access is denied At C:\Program Files (x86)\PRTG Network Monitor\custom sensors\EXEXML\custsensor.ps1:12 char:78 + ... + ~~~ + CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBind ingArgumentTransformationException + FullyQualifiedErrorId : ParameterArgumentTransformationError,Microsoft.P owerShell.Commands.InvokeCommandCommand Sending Result to output pipeline <prtg> <result> <channel>Custom Sensor Test</channel> <value></value> </result> </prtg> ) (code: PE181)
Article Comments
This is what I get when I check the version, whether it be the 32 or 64 bits version:
PS C:\Users\Administrator> $PSVersionTable
Name Value
---- -----
PSVersion 3.0
WSManStackVersion 3.0
SerializationVersion 1.1.0.1
CLRVersion 4.0.30319.36366
BuildVersion 6.2.9200.17065
PSCompatibleVersions {1.0, 2.0, 3.0}
PSRemotingProtocolVersion 2.2
So I think it is above the minimum required version, is there other thing else I should check for?
Thanks in advance.
Mar, 2017 - Permalink
Hi, thanks for the reply, sure, here is it, please consider my comments in the first post, where I've mention that I have already tried changing the line
$admpass = get-content "C:\passlib\admpass.txt" | convertto-securestring
for
$admpass = get-content "C$\passlib\admpass.txt" | convertto-securestring
I get different messages back, but none of them worked. Thanks in advance.
Import-Module 'C:\Program Files\Common Files\Skype for Business Server 2015\Modules\SkypeForBusiness'
$user1 = "usr4@domain.com"
$pass1 = get-content "C:\passlib\usr4pass.txt" | convertto-securestring
$cred1 = new-object -typename System.Management.Automation.PSCredential -argumentlist $user1, $pass1
$adm = "adm@domain.com"
$admpass = get-content "C:\passlib\admpass.txt" | convertto-securestring
$admcred = new-object -typename System.Management.Automation.PSCredential -argumentlist $adm, $admpass
$result="<prtg>`r`n"
$testcs = Invoke-Command -ComputerName remote1.domain.com -Credential $admcred -Argumentlist $cred1 -ScriptBlock {Import-Module SkypeForBusiness; Test-CsClientAuth -TargetFqdn remote2.domain.com -UserSipAddress "sip:usr4@domain.com" -UserCredential $args[0]}
if ($testcs.result -eq "Failure") {
write-host "Unable authenticate user"
}
else{
$result+=" <result>`r`n"
$result+=" <channel>Auth Test</channel>`r`n"
$result+=" <value>"+$testcs.result+"</value>`r`n"
$result+=" </result>`r`n"
}
$result+="</prtg>"
Write-host "Sending Result to output pipeline"
$result
Mar, 2017 - Permalink
Hold on, is the passlib folder actually located on the probe? Or the core? Because the notifications are actually executed on and via the remote probe host, not the core server.
Mar, 2017 - Permalink
We do not have any remote probe currently, the script and passlib folder are located on the core or main probe, in fact we have only one server running PRTG where all sensors are being deployed, I've tried placing the passlib folder in the remote invoked server also, result is the same. Where should I have to place the folder? Are there any other factors I must take into consideration?
Mar, 2017 - Permalink
Ah sorry, disregard that. Is it possible that the sensor is executed within a user context that has no access to the folder where the credential files are stored?
Mar, 2017 - Permalink
Can you please give me more details about the user context? Setting about the Security Context are set to Use Windows credentials of parent device, parent device's Windows credentials are from a domain user who is joined to the PRTG server's administrators group.
Mar, 2017 - Permalink
Complementing last question, I've set the sensor settings with the parent device's Windows credential, which are from a domain user that is joined to the PRTG Server Administrators group, credential has the right access, but I'm still getting the same result, can you give me more detail about the user context?
Apr, 2017 - Permalink
Sorry about the delay, Luis. I did some reading and you might want to try the following:
$pass = (get-content "\\<fqdn-of-your-prtg-server>\c$\passlib\admpass.txt" | convertto-securestring)
Apr, 2017 - Permalink
Thanks for replying, I'm sorry to say that it didn't work either, I've tried with the Server's IP also, the result is the same "Power Shell 2.0 or above Required" along with the aforementioned error message stating that the path couldn't be found, the part that confuses me, is why am I getting the message "PowerShell 2.0 required" if I'm sure that the version is above that? Is this a generic message? Which or where is the PowerShell executable PRTG is running to execute the script?
Thanks in advance.
Apr, 2017 - Permalink
The only other way that comes to my mind would be this one:
function Passwords([ValidateSet("Get","Set")][string]$action)
$passFile = "C:\Program Files (x86)\PRTG Network Monitor\Notifications\EXE\adm.pass";
$keyFile = "C:\Program Files (x86)\PRTG Network Monitor\Notifications\EXE\adm.key";
if($action -eq "set"){
$Key = New-Object Byte[] 32
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($Key)
$Key | out-file $keyFile
Read-Host "Enter Password for the $($Server) server" -AsSecureString | ConvertFrom-SecureString -key $Key | Out-File $passFile
}
if($action -eq "get"){
$Key = Get-Content $KeyFile
$Credentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $servers.smtpUser, (Get-Content $passFile | ConvertTo-SecureString -Key $key)
return $Credentials;
}
Call the function once with Passwords -Set in order to create the password files and Passwords -Get when you need the corresponding credential object. Let me know if it worked out!
Apr, 2017 - Permalink
Did you already try to upgrade to a newer PowerShell version as required?
Mar, 2017 - Permalink