My problem is I have made a script which starts a Exchange shell PSsession. The scrips runs fine if I execute it line by line in PowerShell, or if I right click on it in explorer and run. However, when it is called via certify after a new certificate is produced it fails.

Here is the section of the script:

$password = Get-Content -Path 'c:\Certificate_Update\securepassword.txt'
$pw = ConvertTo-SecureString -String $password
#$pw = ConvertTo-SecureString -AsPlainText -Force -String "admin pass here"

$cred = New-Object System.Management.Automation.PSCredential ("Wookies-Domain\Administrator", $pw)
$uri = 'http://Exchange-Server/PowerShell/'
# Starts remote Exchange shell session
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $uri -Authentication Kerberos -Credential $Cred

# Imports remote Exchange shell session to this Machine
Import-PSSession $Session

The error I get is:

ConvertTo-SecureString : The system cannot find the path specified.

At C:\Certificate_Update\Update_Old_Cert.ps1:40 char:7
+ $pw = ConvertTo-SecureString -String $password
+       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
    + FullyQualifiedErrorId :  ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand

TerminatingError(New-Object): "Exception calling ".ctor" with "2" argument(s):
"Cannot process argument because the value of argument "password" is null.
Change the value of argument "password" to a non-null value.""

New-Object : Exception calling ".ctor" with "2" argument(s): "Cannot process
argument because the value of argument "password" is null. Change the value of
argument "password" to a non-null value."

It is saying $password is null? Can't work out what I have done wrong. Is it maybe some permissions thing as the script is being run by certify?

2

There are 2 answers

0
Skeptical Bystander On

Although more than 4 years passed the issue is still there. I found that under some conditions ConvertTo-SecureString does not work with variables with "The system cannot find the path specified" error. In my case that happened, when I tried to execute my script under "NT AUTHORITY\SYSTEM". So instead of

$pw = ConvertTo-SecureString -String $password

I used

$pw = ConvertTo-SecureString -String "content-of-$password-variable"

and it worked.

0
wookie_73 On

My script was calling an file with a encrypted standard string used as a password. This was encrypted as Admin. Certify runs as a service set to Local system. So when the script tried to access the password file it failed due to wrong privileges. Setting the service to run as admin cured the problem.

Thanks to Ansgar Wiechers for helping me sort out the problem.