commands

^

Copy-DbaCredential

Author Chrissy LeMaire (@cl), netnerds.net
Availability Windows, Linux, macOS

 

Want to see the source code for this command? Check out Copy-DbaCredential on GitHub.
Want to see the Bill Of Health for this command? Check out Copy-DbaCredential.

Synopsis

Copy-DbaCredential migrates SQL Server Credentials from one SQL Server to another while maintaining Credential passwords.

Description

By using password decryption techniques provided by Antti Rantasaari (NetSPI, 2014), this script migrates SQL Server Credentials from one server to another while maintaining username and password.

Credit: https://blog.netspi.com/decrypting-mssql-database-link-server-passwords/

Syntax

Copy-DbaCredential
    [-Source] <DbaInstanceParameter>
    [[-SourceSqlCredential] <PSCredential>]
    [[-Credential] <PSCredential>]
    [-Destination] <DbaInstanceParameter[]>
    [[-DestinationSqlCredential] <PSCredential>]
    [[-Name] <String[]>]
    [[-ExcludeName] <String[]>]
    [[-Identity] <String[]>]
    [[-ExcludeIdentity] <String[]>]
    [-Force]
    [-EnableException]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> Copy-DbaCredential -Source sqlserver2014a -Destination sqlcluster

Copies all SQL Server Credentials on sqlserver2014a to sqlcluster. If Credentials exist on destination, they will be skipped.

Example: 2
PS C:\> Copy-DbaCredential -Source sqlserver2014a -Destination sqlcluster -Name "PowerShell Proxy Account" -Force

Copies over one SQL Server Credential (PowerShell Proxy Account) from sqlserver to sqlcluster. If the Credential already exists on the destination, it will be dropped and recreated.

Required Parameters

-Source

Source SQL Server. You must have sysadmin access and server version must be SQL Server version 2000 or higher.

Alias
Required True
Pipeline false
Default Value
-Destination

Destination SQL Server. You must have sysadmin access and the server must be SQL Server 2000 or higher.

Alias
Required True
Pipeline false
Default Value

Optional Parameters

-SourceSqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential). Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported. For MFA support, please use Connect-DbaInstance.

Alias
Required False
Pipeline false
Default Value
-Credential

This command requires access to the Windows OS via PowerShell remoting. Use this credential to connect to Windows using alternative credentials.

Alias
Required False
Pipeline false
Default Value
-DestinationSqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential). Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported. For MFA support, please use Connect-DbaInstance.

Alias
Required False
Pipeline false
Default Value
-Name

Only include specific names Note: if spaces exist in the credential name, you will have to type "" or '' around it.

Alias
Required False
Pipeline false
Default Value
-ExcludeName

Excluded credential names

Alias
Required False
Pipeline false
Default Value
-Identity

Only include specific identities Note: if spaces exist in the credential identity, you will have to type "" or '' around it.

Alias CredentialIdentity
Required False
Pipeline false
Default Value
-ExcludeIdentity

Excluded identities

Alias ExcludeCredentialIdentity
Required False
Pipeline false
Default Value
-Force

If this switch is enabled, the Credential will be dropped and recreated if it already exists on Destination.

Alias
Required False
Pipeline false
Default Value False
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False
-WhatIf

If this switch is enabled, no actions are performed but informational messages will be displayed that explain what would happen if the command were to run.

Alias wi
Required False
Pipeline false
Default Value
-Confirm

If this switch is enabled, you will be prompted for confirmation before executing any operations that change state.

Alias cf
Required False
Pipeline false
Default Value