XenServer stores the passwords to any CIFS/SMB share you are currently using or have used in the past even if the share was removed. (Tested this up to XenServer 7.)
Now, this can be a concern because these credentials might be to a domain account, domain administrator account, or have privileged access to a specific system. I wrote the following command to go through and clear all of the stored CIFS/SMB shares.
xe secret-list | grep uuid | cut -c 17- | xargs -I {Var} xe secret-destroy uuid={Var}
This query’s all existing passwords, removes the unnecessary text, and removes the saved passwords.
Breakdown
xe secret-list
Lists all passwords and UUIDs.
xe secret-list | grep uuid
Lists just the UUIDs of existing CIFS passwords
cut -c 17-
Removes the excess characters of the “xe secret-list | grep uuid” command.
xargs -I {Var}
Passes the results of the previous command to the next one with a set variable, in this case “{Var}”
xe secret-destroy uuid=
Removes the password from “xe secret-list”
