Security concern with storing secrets in clear text powershell scripts

damienvanrobaeys / Intune_Add_PrimaryUser_LocalAdmin

Add the device primary user to local administrators group with PowerShell and no CSP

7 stars 3 forks source link

Security concern with storing secrets in clear text powershell scripts #1

Open sudomoke opened 2 years ago

sudomoke commented 2 years ago

I am not sure how intune handles the storage of the powershell files, but is it not a security issue to provide a client id and secret in clear text in a powershell script being downloaded and run on end-user devices?

liam-silvatech commented 1 year ago

You can also recover the uploaded PowerShell script from the Graph API.

Install-Module -Name Microsoft.Graph.Intune

Get-DeviceManagementScripts -FolderPath C:\IntuneScripts

It is also cached locally on the device during deployment/running.