PowerShell / SecretStore


Unusable for non-interactive accounts #52

Closed john-sakosky closed 3 years ago

john-sakosky commented 3 years ago

There does not appear to be a way for a script running as a non-interactive user to create/interact with a local Secret Store. As the password is set interactively on first usage, a non-interactive user cannot set the password of a newly-created store. And as the stores are per-user, there is no way to create and configure a store manually. Adding a means to specify a password on store registration or through a secondary action would be very useful.

OneUser1 commented 3 years ago

You can use Reset-SecretStore after creating it. This removes all SecretStore data! But if you just created it, there should be no problem with that. At least in my mind.. I am doing this in scripts and it works for me. You could use something like the following:

  1. Interactively

     ```powershell
     [securestring] $SecretStorePassword = Read-Host -Prompt "Please enter a new password for the SecretStore" -AsSecureString
     $SecretStorePassword | ConvertFrom-SecureString | Set-Content -Path C:\myPasswordFile -Force
     ```

  2. Non-interactively

     ```powershell
     # <Create SecretStore here>
     Reset-SecretStore -Scope CurrentUser -Authentication Password -Password $(Get-Content -Path C:\myPasswordFile | ConvertTo-SecureString) -PasswordTimeout 300 -Interaction Prompt -Confirm:$true
     ```

Hope that helps.

OneUser1 commented 3 years ago

Please also have a look at Issue #46 where something similar is discussed. Set-SecretStoreConfiguration provides another way to accomplish what you are looking for. You will find it in my post there.

PaulHigin commented 3 years ago

The latest RC3 release now lets Set-SecretStoreConfiguration run non-interactively. https://devblogs.microsoft.com/powershell/secretstore-release-candidate-3/

Also, please see: https://github.com/PowerShell/SecretStore/issues/46#issuecomment-801212012
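A sketch of the non-interactive setup discussed in this thread, added here as an example and not taken from any participant's post or from the SecretStore project. The file path, vault name and smoke-test secret are placeholders, and it assumes the password file was created beforehand, interactively, by the same account that runs the script.

```powershell
# Added example. Placeholders: $PasswordFile, $VaultName, 'SmokeTest'.
# One-time interactive step, run as the automation account itself:
#   Read-Host -Prompt 'SecretStore password' -AsSecureString |
#       Export-Clixml -Path C:\automation\secretstore-password.xml
# On Windows the exported SecureString is DPAPI-protected, so only that
# account on that machine can read it back. Restrict the file ACL as well.

$ErrorActionPreference = 'Stop'
$PasswordFile = 'C:\automation\secretstore-password.xml'   # placeholder path
$VaultName    = 'AutomationStore'                          # placeholder name

if (-not (Test-Path -LiteralPath $PasswordFile)) {
    throw "Password file '$PasswordFile' not found; create it interactively first."
}
$password = Import-Clixml -Path $PasswordFile
if ($password -isnot [securestring]) {
    throw "Password file '$PasswordFile' does not contain a SecureString."
}

# Interaction = None makes the store throw instead of prompting, so a
# scheduled job fails fast rather than hanging on a hidden prompt.
$storeConfiguration = @{
    Authentication  = 'Password'
    PasswordTimeout = 300          # seconds the store stays unlocked
    Interaction     = 'None'
    Password        = $password
    Confirm         = $false
}
Set-SecretStoreConfiguration @storeConfiguration

# Register the vault once; later runs reuse the existing registration.
if (-not (Get-SecretVault -Name $VaultName -ErrorAction SilentlyContinue)) {
    Register-SecretVault -Name $VaultName -ModuleName Microsoft.PowerShell.SecretStore -DefaultVault
}

# Each new session must unlock the store before reading or writing.
Unlock-SecretStore -Password $password

# Round-trip check with a constructed value, then clean up.
Set-Secret -Name 'SmokeTest' -Secret 'constructed-value' -Vault $VaultName
if ((Get-Secret -Name 'SmokeTest' -Vault $VaultName -AsPlainText) -ne 'constructed-value') {
    throw 'SecretStore round trip failed.'
}
Remove-Secret -Name 'SmokeTest' -Vault $VaultName
```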

john-sakosky commented 3 years ago

Thank you. I had not seen the new release, issue resolved.