3,085 questions
Create user key in "Microsoft Software Key Storage Provider" via NCrypt from a background process
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 86%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Martin A
1
Reputation point
Background
I have an application running as a background process on Windows 10 as a different user account (userX) than the currently logged on user (userA). This application needs to be able to create/open RSA keys in the "Microsoft Software Key Storage Provider" via NCrypt.
Problem
I have tried to create a user key in the application. This fails in the call to NCryptCreatePersistedKey with the error code 0x80070002. If I run the application as userA everything works as expected. If I log on to the computer as userX, select "Switch user" in Windows, log on as userA and run the application as userX, everything works as expected. If I open a command prompt and run runas /user:userX cmd, everything works as expected while the prompt is open. So, it seems like I am not able to create a user key unless the user is interactively logged on to the computer. Is this correct?
Is there a way to create user keys via NCrypt API without being interactively logged on to the computer?
----
I would like to add more related tags such as ncrypt, cng etc. but I am forced to select from the predefined tags.
Windows for business Windows Client for IT Pros Devices and deployment Configure application groups
Sign in to answer