Trying o pull user creds is not prudent. There are not there in plain text and are not reversible for passing on to any other action.
You say you are presenting a GUI to ask the user for creds. During any interactive session, if you asking for creds, you need to ask for them securely.
Once you've done that, you can get the username and password directly via code. Yet, you are now handling very sensitive user information. You really need to check with your security / risk management / policy team about doing this. This is because you are literally capturing user creds that you can use anywhere the user has access and nothing prevents you from running off with them later.
So, you could simply use Get-Credential or create a new PSCredential object, or use SecureString to ask for user creds, then when you need them, just reverse that.
($Creds = Get-credential -Credential "$env:USERDOMAIN\$env:USERDOMAIN")
$Creds.GetNetworkCredential().UserName
$Creds.GetNetworkCredential().Password
# Results
UserName Password
-------- --------
contoso\testuser System.Security.SecureString
testuser
password
($Username = Read-Host -Prompt 'Enter username')
($Password = Read-Host -Prompt 'Enter password' -AsSecureString)
($Creds = New-Object System.Management.Automation.PSCredential ($Username, $Password))
$Creds.GetNetworkCredential().UserName
$Creds.GetNetworkCredential().Password
# Results
Enter username: contoso\testuser
contoso\testuser
System.Security.SecureString
UserName Password
-------- --------
contoso\testuser System.Security.SecureString
testuser
password
($Creds = New-Object PSCredential $Username, $Password)
$Creds.GetNetworkCredential().UserName
$Creds.GetNetworkCredential().Password
# Results
$Creds
UserName Password
-------- --------
contoso\testuser System.Security.SecureString
UserName Password
-------- --------
contoso\testuser System.Security.SecureString
testuser
password
Update for OP
As for …
where to save them. I want to know where I should save them to cache
the user credentials
These are the approaches you can leverage. This of course has to be done in advance of any other use case that will need it.
using secure password with multiple users without prompt
#saving credentials
Get-Credential | Export-CliXml -Path c:\credential.xml
#importing credentials to a variable
$Credential = Import-CliXml -Path c:\credential.xml
A YouTube Video on the topic:
Learn to securely use Passwords with PowerShell
You could also use the Windows Credential Store, and call it from there. Also shown in the above video.
Using Windows Credential Manager
https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Credentials-d44c3cde
https://www.powershellgallery.com/packages/CredentialManager/1.0
https://www.experts-exchange.com/questions/29061982/Powershell-Using-credentials-stored-in-Credential-Manager.html
Thank you for your reply, I understand the problem with the sensitive information. But I am afraid I wrongly expressed myself. My problem ist not just how to ask for credentials, but where to save them. I want to know where I should save them to cache the user credentials. – Andi D. – 2019-04-15T11:42:07.627
See my update for you - and you will want to have this conversation with your risk management / security team(s) and policy folks, before deciding on either option provided. To make sure it will be allowed, supported and maintained long term. Once you set either of them, it's static. If that password changes on the account used, you have to go back and redo whatever option you choose to update the identity store. – postanote – 2019-04-15T17:24:56.447