CODEWITHSUNDEEP
powershell
Mike Murray
Mike Murray

Reputation: 148

invoke-webrequest returns 401 with Windows Authentication

I'm working on a script to login to a sharepoint 2013 site and navigate to a few pages to make sure the site is working after updates and DR drills. I'm calling Invoke-WebRequest like this:

$site = Invoke-WebRequest -uri 'https://spsite' -Credential $(Get-Credential) -SessionVariable s

when I make the call I get a 401 Unauthorized error back. I have tried using basic authentication and building out the headers like this: 

$u = 'domain\user'
$p = 'password'
$header = @{ Authorization = "Basic {0}" -f [convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $u,$p))) }

$site = Invoke-WebRequest -uri 'https://spsite' -Headers $header

with the same result. I'm hoping someone could offer another way to make this connection?

Upvotes: 1

Views: 21284

Answers (2)

John Zabroski
John Zabroski

Reputation: 2357

Use Export-PSCredential and Import-PSCredential from WFTools - you'll only have to enter your credentials once per box, and it will last as long as your password doesn't change: https://github.com/RamblingCookieMonster/PowerShell

Install-Module -Name WFTools -RequiredVersion 0.1.44

Import-Module WFTools;

$getCredentialMessage = "Please provide your Windows credentials";
$importedCredential = Import-PSCredential;
if ($importedCredential) {
    Write-Host -ForegroundColor Yellow "Imported your cached credential."
    while (-not $(Test-Credential -Credential $credential)) {
        Write-Host -ForegroundColor Yellow "Your cached credentials are not valid. Please re-enter."
        $credential = Get-Credential -Message $getCredentialMessage;
    }
    $credential = $importedCredential;
}
else {
    $credential = Get-Credential -Message $getCredentialMessage;
    while (-not $(Test-Credential -Credential $credential)) {
        $credential = Get-Credential -Message $getCredentialMessage;
    }
    Export-PSCredential $credential;
}

# Here is where the magic happens
$site = Invoke-WebRequest -uri 'https://spsite' -Credential $credential

Upvotes: 0

Mike Murray
Mike Murray

Reputation: 148

so I found a way to make this work in my situation and wanted to post the basics in case someone else runs into this.

I found that when the exception is thrown you can get the actual response from the web server from the exception object like this:

try{
    $site = Invoke-WebRequest -uri 'https://spsite' -Credential $(Get-Credential) -SessionVariable s
}
catch{
    $site = $_.Exception.Response
}

after that I was able to manipulate the $site variable to follow the redirection and submit the credentials as needed.

Upvotes: 8

Related Questions