Managing stored credentials from the Windows command prompt using cmdkey
I’ve been meaning to blog about a command which is a reasonably recent addition to Windows for a few weeks now –
cmdkey.exe (thanks to John Craddock for highlighting this at a recent XTSeminars event).
Basically Microsoft’s cmdkey, introduced with Windows Server 2003 (and which should not be confused with Jason Hood’s companion for
cmd.exe), is used to create, list and delete stored security credentials.
For example, I back up the notebook PC that I use for work to my Netgear ReadyNAS using SyncToy. My ReadyNAS does not support Active Directory but it does provide SMB/CIFS access. This means that I can authenticate directly against a share but the username and password do not match the cached domain credentials on the notebook PC.
Supplying credentials each time I need to connect (or forgetting to before attempting a sync) is inconvenient, so I used
cmdkey to store the username and password that I use to connect to the share:
cmdkey /add:computername /user:username /pass:password
In this case
cmdkey responded as follows:
CMDKEY: Credential added successfully.
Currently stored credentials:
Type: Domain Password
and I can connect to a share without supplying any credentials:
net use h: \\<em>computername</em>\<em>sharename</em>
The command completed successfully.
Furthermore this drive mapping (and stored credentials) persists on reboot – when the computer is restarted, H: is visible as a disconnected drive in Windows Explorer but as soon as I double-click it I connect without a prompt to supply credentials.