Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-8213

powershell-dsc module-Passwords as plain text in Windows agent output and in catalog file

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Ready for Engineering
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: dsc
    • Labels:
      None
    • Environment:

       

       

    • Template:
      MODULES Bug Template
    • Team:
      Windows
    • Sprint:
      Windows Hopper
    • Method Found:
      Needs Assessment
    • QA Risk Assessment:
      Needs Assessment

      Description

      Can you please confirm if this is module or puppet agent scope.Is Sensitive data type suported?
      I encrypted password by hiera,passwords are shown as plain text in catalog JSON file and in puppet agent output.

       I found similar issue:https://tickets.puppetlabs.com/browse/PUP-7057

       

       

      Basic Info
      Module Version:1.7.0
      Puppet Version:5.5.2
      Puppet server:OS Name/Version:AWS Ops Work EC2 instance 4.14.72-73.55.amzn2.x86_64
      Node:Windows Server 2016
      Password shown in plain when creating new AD user

       

      {
       
      {dsc_xADUser {'FirstUser':
       
      dsc_ensure => 'present',}}
       
      {
       
      { dsc_domainname => 'ad.contoso.com',}}
       
      {
       
      { dsc_username => 'tfl',
       dsc_userprincipalname => 'tfl@ad.contoso.com',
       dsc_password => {}}
       
      {
       
      { 'user' => 'tfl@ad.contoso.com',
       'password' => Sensitive(lookup('password'))
       },
       
      }
       
      }
       
      {
       
      { dsc_passwordneverexpires => true,}}
       
      {
       
      { dsc_domainadministratorcredential => {}}
       
      {
       
      { 'user' => 'Administrator@ad.contoso.com',
       'password' => Sensitive(lookup('password'))
       },
       
      }
       
      }
       
      }
      

      Desired Behavior:

      When running puppet agent -t -v password should be hidden/encrypted

      Actual Behavior:

      Password is shown in plain text

       

      'password' = 'Password'

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              dvucanovic Dragan Vucanovic
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:

                  Zendesk Support