Reputation: 1
Error: ConvertTo-SecureString : Key not valid for use in specified state
We have one script which has been used to store password to a text file and then the mail script recalls/reuses this password from the password text file to run the master script. I am getting below error,after changing the password.
Script used to generate secure password:
"Password" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Out-File "D:\Scripts\Password.txt"
Error we are getting now:
At C:\Scripts\Lync_HealthCheck_Prod.ps1:1199 char:82
+ $PasswrdS = Get-Content C:\Windows\System32\SecStrng.sec | convertto-securest
ring <<<<
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], C
ryptographicException
+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_Cryptographic
Error,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand
New-Object : Exception calling ".ctor" with "2" argument(s): "Cannot process ar
gument because the value of argument "password" is null. Change the value of ar
gument "password" to a non-null value."
At C:\Scripts\Lync_HealthCheck_Prod.ps1:1218 char:27
+ $Creds1 = New-Object <<<< System.Management.Automation.PSCredential -A
rgumentList $CheckUser1, $PasswrdS
+ CategoryInfo : InvalidOperation: (:) [New-Object], MethodInvoca
tionException
+ FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.Power
Shell.Commands.NewObjectCommand
Would be great if you can help.
Upvotes: 0
Views: 9247
Answers (2)
Reputation: 1
Exactly same problem, due to NTFS rights mismatch on the sec file. Get-content is OK, but not call of Convertto-SecureString. User who created the password file was not the user who executed the program. I put total control on this file for both users. It is OK now.
To be more accurate : I connected with account needed to run, drop and recreated the secure file containing credentials. This file is useful only for this account
Upvotes: 0
Reputation: 24071
The error message claims that you are handling null values:
"Cannot process argument because the value of argument "password" is null.
So, double-check that you actually are reading good content from the password file. The location in C:\Windows\System32 very hints that the process is looking for it from wrong location.
$PasswrdS = Get-Content C:\Windows\System32\SecStrng.sec
Upvotes: 2
Related Questions
- Powershell ConvertTo-SecureString not recognised if run script inline from cmd
- Why does PowerShell reject my secure string and say it cannot convert it to a secure string?
- Can not convert String to Secure String for use in New-ADUser
- Saving credentials for reuse by powershell and error ConvertTo-SecureString : Key not valid for use in specified state
- ConvertFrom-SecureString not encrypting string
- PowerShell splatting SecureString is converted to String
- ConvertTo-SecureString Key not valid for use in specified state
- ConvertTo-SecureString without -AsPlainText -Force
- PowerShell ConvertTo-SecureString Syntax
- ConvertTo-SecureString - Key not valid for use in specified state After Reboot