cjabates
Contributor
Contributor

Get-VICredentialStoreItem gives cryptographic subsystem error

When I try to pull credentials out of a store file inside a script file run in a PowerShell window, I get the following error:

Get-VICredentialStoreItem : The operation completed successfully.
At D:\scripts\powershell\SnapShots\credtest.ps1:3 char:10
+ $creds = Get-VICredentialStoreItem -user 'unet\t1-svc_vmw_vcenter' -f ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-VICredentialStoreItem], CryptographicException
+ FullyQualifiedErrorId : Core_GetVICredentialStoreItem_ProcessRecordget,VMware.VimAutomation.ViCore.Cmdlets.Comma
nds.GetVICredentialStoreItem

 

If I run the same script inside the PowerShell ISE, it works just fine.

This script is the base for a scheduled task that had been running for almost 3 years that stopped working properly in April, so I need to find out how to fix this as soon as possible.

 

This is running on a Windows 2016 server.  I know the PowerCLI modules are old, but they still work - if I run this script in PS ISE, it runs perfectly fine, just not in a PS window or as a Scheduled Task.

PSVersion 5.1.14393.4402
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.14393.4402
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

ModuleType Version Name ExportedCommands
---------- ------- ---- ----------------
Script 0.0 Initialize-VMware.VimAutomation....
Script 0.0 Initialize-VMware.VimAutomation....
Script 0.0 Initialize-VMware.VimAutomation....
Script 0.0 Initialize-VMware_DeployAutomation
Script 0.0 Initialize-VMware_VimAutomation_Cis
Script 0.0 Initialize-VMware_VumAutomation
Manifest 3.1.0.0 Microsoft.PowerShell.Management {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Con...
Manifest 3.0.0.0 Microsoft.PowerShell.Security {ConvertFrom-SecureString, ConvertTo-SecureString, Get-Acl...
Manifest 3.1.0.0 Microsoft.PowerShell.Utility {Add-Member, Add-Type, Clear-Variable, Compare-Object...}
Manifest 3.0.0.0 Microsoft.WSMan.Management {Connect-WSMan, Disable-WSManCredSSP, Disconnect-WSMan, En...
Script 1.2 PSReadline {Get-PSReadlineKeyHandler, Get-PSReadlineOption, Remove-PS...
Binary 6.0.0.0 VMware.DeployAutomation {Add-DeployRule, Add-ProxyServer, Add-ScriptBundle, Copy-D...
Binary 6.0.0.0 VMware.ImageBuilder {Add-EsxSoftwareDepot, Add-EsxSoftwarePackage, Compare-Esx...
Binary 6.5.0.4... VMware.VimAutomation.Cis.Core {Connect-CisServer, Disconnect-CisServer, Get-CisService}
Binary 6.5.0.4... VMware.VimAutomation.Cloud {Add-CIDatastore, Connect-CIServer, Disconnect-CIServer, G...
Manifest 6.5.0.4... VMware.VimAutomation.Common
Binary 6.5.0.2... VMware.VimAutomation.Core {Add-PassthroughDevice, Add-VirtualSwitchPhysicalNetworkAd...
Binary 6.0.0.0 VMware.VimAutomation.HA Get-DrmInfo
Binary 7.0.2.4... VMware.VimAutomation.HorizonView {Connect-HVServer, Disconnect-HVServer}
Binary 6.5.0.4... VMware.VimAutomation.License Get-LicenseDataManager
Binary 6.5.0.4... VMware.VimAutomation.PCloud {Connect-PIServer, Disconnect-PIServer, Get-PIComputeInsta...
Manifest 6.5.0.4... VMware.VimAutomation.Sdk Get-PSVersion
Binary 6.5.0.4... VMware.VimAutomation.Storage {Copy-VDisk, Export-SpbmStoragePolicy, Get-NfsUser, Get-Sp...
Binary 6.5.0.4... VMware.VimAutomation.Vds {Add-VDSwitchPhysicalNetworkAdapter, Add-VDSwitchVMHost, E...
Binary 6.5.0.4... VMware.VimAutomation.vROps {Connect-OMServer, Disconnect-OMServer, Get-OMAlert, Get-O...
Binary 6.0.0.0 VMware.VumAutomation {Add-EntityBaseline, Copy-Patch, Get-Baseline, Get-Complia...

 

All help will be appreciated.

 

Thank you.

Chris

0 Kudos
4 Replies
LucD
Leadership
Leadership

Is there a reason you are using this very old PowerCLI version?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
LucD
Leadership
Leadership

That exception happens when you are not the user that created that secure string.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
cjabates
Contributor
Contributor

The same account created the file, and it works when run in the PowerShell ISE, but not as a scheduled task (logged in as that user) or in a PowerShell window.

As for why the old version, newer versions don't import correctly- I see a LOT of .Net dll errors.

 

Chris

0 Kudos
LucD
Leadership
Leadership

I don't have such an old version available, so I can't really help you.

I would suggest you first fix those .NET errors and upgrade your PowerCLI version.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos