{"id":601,"date":"2021-05-12T01:23:27","date_gmt":"2021-05-12T01:23:27","guid":{"rendered":"http:\/\/draith.azurewebsites.net\/?p=601"},"modified":"2021-05-12T02:33:12","modified_gmt":"2021-05-12T02:33:12","slug":"powershell-secrets-gotchas","status":"publish","type":"post","link":"https:\/\/draith.com\/?p=601","title":{"rendered":"PowerShell Secrets Gotchas"},"content":{"rendered":"\n

PowerShell Secrets Management<\/a> is released, and it’s off to a very good start, but there are some things you might want to watch out for. <\/p>\n\n\n\n

The first one got me almost immediately – right after installing both modules and creating my first store. I tried to create a new secret, and was prompted for a password. It manifested in 2 different ways:<\/p>\n\n\n\n

“Exception Calling Prompt Unlock Vault” was the first, and occurred when trying to perform pretty much any cmdlet associated with a store. Deleting and recreating the store made no difference.<\/p>\n\n\n\n

The second issue was an exception claiming a null value was passed as a password, when it clearly wasn’t the case:<\/p>\n\n\n\n

\"Cannot convert null to 'Microsoft.PowerShell.SecretStore.Authenticate' because it is a non-nullable value type\"<\/pre>\n\n\n\n
There is good news, though – both issues can be solves with a simple Reset-SecretStore.<\/p>\n\n\n\n
<\/p>\n\n\n\n
The next is an odd one – the scope for vaults is limited to the current user.  You can’t add a vault with AllUsers, for example:<\/p>\n\n\n\n
PS  C:\\blog (8:10:28 PM) > Set-SecretStoreConfiguration -Scope AllUsers\nSet-SecretStoreConfiguration: AllUsers scope is not yet supported.<\/pre><\/div>\n\n\n\n
So this means that you can’t create a store with your normal account, and access it with a service account or admin account.  The only two currently allowed values are “CurrentUser” and “AllUsers”, but fails with the above error if you try AllUsers.  This could potentially be a deal breaker for some, but the error message hints that support might be coming in the future.<\/p>\n\n\n\n
So that’s it!  A quick on this time, but I hope it helps save you a few minutes of frustration.<\/p>\n","protected":false},"excerpt":{"rendered":"
PowerShell Secrets Management is released, and it’s off to a very good start, but there are some things you might want to watch out for. The first one got me almost immediately – right after installing both modules and creating my first store. I tried to create a new secret, and was prompted for a … Continue reading “PowerShell Secrets Gotchas”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-601","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/posts\/601","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=601"}],"version-history":[{"count":2,"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/posts\/601\/revisions"}],"predecessor-version":[{"id":603,"href":"https:\/\/draith.com\/index.php?rest_route=\/wp\/v2\/posts\/601\/revisions\/603"}],"wp:attachment":[{"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=601"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=601"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/draith.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=601"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}