
function Set-CredentialsLocallyStored {
   Sets credential objects on a server that has never had them before
   This function takes a Powershell script and sets credentials on the local disk encrypted with the local system
   Saves the credentials that are currently in use
   When not present, the user will be required to provide credentials interactively
   Will save both Automate and Control credentials
   Set-CredentialsLocallyStored -Automate
   Set-CredentialsLocallyStored -Custom -CredentialDisplayName 'Office365' -CredentialDirectory "C:\Credentials"

    param (





        [Parameter(ParameterSetName = 'Automate')]
        [Parameter(ParameterSetName = 'Control')]
        [Parameter(ParameterSetName = 'All')]

        [Parameter(ParameterSetName = 'Automate')]
        [Parameter(ParameterSetName = 'Control')]
        [Parameter(ParameterSetName = "Custom",Mandatory=$True)]
        [string]$CredentialDirectory = "$($env:USERPROFILE)\AutomateAPI\"

    If ($All) {
        $Automate = $True
        $Control = $True

    If (-not (Test-Path $CredentialDirectory)) {
        New-Item -ItemType Directory -Force -Path $CredentialDirectory | ForEach-Object{$_.Attributes = "hidden"}

    If ($Automate) {
        If (!$SaveCurrent) {
            # The Connect-AutomateAPI Cmdlet will interrogate the user for credentials when give passed the following parameters
            # The variables are stored in script scope variables
            Connect-AutomateAPI -Server '' -Force

        $StoreVariables = @(
            @{'Name' = 'CWAServer'; 'Scope' = 'Script'},
            @{'Name' = 'CWACredentials'; 'Scope' = 'Script'},
            @{'Name' = 'CWATokenKey'; 'Scope' = 'Script'},
            @{'Name' = 'CWATokenInfo'; 'Scope' = 'Script'},
            @{'Name' = 'CWAClientID'; 'Scope' = 'Script'}

        $StoreBlock = [pscustomobject]@{}
        $CredentialPath = "$($CredentialDirectory)\Automate - Credentials.txt"

        Write-Verbose "Saving Automate Variables"
        Foreach ($SaveVar in $StoreVariables) {
            If (!(Get-Variable @SaveVar -ErrorAction 0)) {Continue}
            Write-Debug "Save $($SaveVar.Name)"
            If ($SaveVar.Name -match 'Credential') {
                Try {
                    $x_Credential = @{'UserName'=(Get-Variable @SaveVar -ValueOnly).UserName; 'Password'=((Get-Variable @SaveVar -ValueOnly).Password|ConvertFrom-SecureString)}
                    $Null = $StoreBlock | Add-Member -NotePropertyName $($SaveVar.Name) -NotePropertyValue $x_Credential
                } Catch {
                    Write-Warning "Failed to store $($SaveVar.Name), it is not a valid Credential."
            } ElseIf ($SaveVar.Name -match 'Key') {
                Try {
                    $x_Key = (Get-Variable @SaveVar -ValueOnly|ConvertFrom-SecureString)
                    $Null = $StoreBlock | Add-Member -NotePropertyName $($SaveVar.Name) -NotePropertyValue $x_Key
                } Catch {
                    Write-Warning "Failed to store $($SaveVar.Name), it is not a valid Secure String."
            } Else {
                $Null = $StoreBlock | Add-Member -NotePropertyName $($SaveVar.Name) -NotePropertyValue (Get-Variable @SaveVar -ValueOnly)

        $StoreBlock | ConvertTo-JSON -Depth 10 | Out-File -FilePath $CredentialPath -Force -NoNewline
        Write-Output "Automate Credentials Set"

    If ($Control) {
        If (!$SaveCurrent) {
            Connect-ControlAPI -Server ''

        $StoreVariables = @(
            @{'Name' = 'ControlAPICredentials'; 'Scope' = 'Script'},
            @{'Name' = 'ControlServer'; 'Scope' = 'Script'},
            @{'Name' = 'ControlAPIKey'; 'Scope' = 'Script'},
            @{'Name' = 'CWCHeaders'; 'Scope' = 'Script'}

        $StoreBlock = [pscustomobject]@{}
        $CredentialPath = "$($CredentialDirectory)\Control - Credentials.txt"
        Write-Verbose "Saving Control Variables"
        # Here we read the variables that were stored by the Connect-ControlAPI method and ultimately store them
        Foreach ($SaveVar in $StoreVariables) {
            If (!(Get-Variable @SaveVar -ErrorAction 0)) {Continue}
            Write-Debug "Save $($SaveVar.Name)"
            If ($SaveVar.Name -match 'Credential') {
                Try {
                    $x_Credential = @{'UserName'=(Get-Variable @SaveVar -ValueOnly).UserName; 'Password'=((Get-Variable @SaveVar -ValueOnly).Password|ConvertFrom-SecureString)}
                    $Null = $StoreBlock | Add-Member -NotePropertyName $($SaveVar.Name) -NotePropertyValue $x_Credential
                } Catch {
                    Write-Warning "Failed to store $($SaveVar.Name), it is not a valid Credential."
            } ElseIf ($SaveVar.Name -match 'Key') {
                Try {
                    $x_Key = (Get-Variable @SaveVar -ValueOnly|ConvertFrom-SecureString)
                    $Null = $StoreBlock | Add-Member -NotePropertyName $($SaveVar.Name) -NotePropertyValue $x_Key
                } Catch {
                    Write-Warning "Failed to store $($SaveVar.Name), it is not a valid Secure String."
            } Else {
                $Null = $StoreBlock | Add-Member -NotePropertyName $($SaveVar.Name) -NotePropertyValue (Get-Variable @SaveVar -ValueOnly)

        $StoreBlock | ConvertTo-JSON -Depth 10 | Out-File -FilePath $CredentialPath -Force -NoNewline
        Write-Output "Control Credentials Set"

    If ($Custom) {
        $StoreBlock = [pscustomobject]@{}
        $CredentialPath = "$($CredentialDirectory)\$($CredentialDisplayName).txt"
        $CustomCredentials = Get-Credential -Message "Please enter the Custom Username and Password to store"
        $Null = $StoreBlock | Add-Member -NotePropertyName 'CustomCredentials' -NotePropertyValue @{'UserName'=$CustomCredentials.UserName; 'Password'=($CustomCredentials.Password | ConvertFrom-SecureString)}

        $StoreBlock | ConvertTo-JSON -Depth 10 | Out-File -FilePath $CredentialPath -Force -NoNewline
        Write-Output "Custom Credentials Set for $($CredentialDisplayName)"
