Is there a way to pass-thru current default credentials to powershell SPML request to ARS?

Question

We use PIV cards for end user authentication. Our default credential can be used with runas.exe or right-click over internet explorer to launch the browser with privilege. 
 With powershell, we launch the shell from an elevated prompt - again using 'runas' in order to trigger the credential tile to pop-up allowing selection of PIV card with username hint. 
 
 for powershell SPML, I'm prompted for credentials &hellip; but not using the PIV tile. 
 Question - is there a way in PS> or SPML to default credentials to the ones used to launch the shell calling the script?

dyannic · Answer

Answering my own question for posterity... having recently resumed this 'Q uest ' 
 If the user running the powershell console is delegated permissions to view or change the objects specified in the SPML request in ARS <via access template>, and the ARS host targeted in the script is running the ARS SPML web endpoint, and the object attribute to be accessed is exposed in the SPMLSchema.config, then the the SPML query/update will complete. slick and easy way to provide a simple PS script for a customer that needs to routinely check-a-box in ARS (triggering a workflow), which currently requires launching a web browser, navigating to the object, opening the tab, the checking the box and clicking 'save' and prevents distributing the full bucket of ARS commandlets to an audience that doesn't need the excess functionality. How many licks does it take to get to the center of a tootsie pop? With PowerShell and SPML, just one.

Endpoint Privilege Management

Is there a way to pass-thru current default credentials to powershell SPML request to ARS?

Top Replies