COF_Utility_ITC
Copper Contributor
Jan 29, 2026

Get-Secret fails when PowerShell script runs as a scheduled task.

I have a PowerShell backup script that connects to SMB shares, copies files from one share to the other share, and disconnects. Passwords used to connect to the shares are stored in a SecretStore. The user account that the script runs under is an unprivileged Backup Operator that has access to the SMB shares. The SecretStore was created under the same user context. I can run the script manually in the console, and it executes correctly. When I run the same script as a scheduled task, running under the same user account, the script stops when the Get-Secret cmdlet is called.

 

Here is some pertinent information:

 

PS C:\Users\incodebackup\Documents\Scripts\TUNet_Backup> $PSVersionTable

 

Name Value

---- -----

PSVersion 5.1.14393.3471

PSEdition Desktop

PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}

BuildVersion 10.0.14393.3471

CLRVersion 4.0.30319.42000

WSManStackVersion 3.0

PSRemotingProtocolVersion 2.3

SerializationVersion 1.1.0.1

 

PS C:\Users\incodebackup\Documents\Scripts\TUNet_Backup> Get-Module -ListAvailable

 

 

Directory: C:\Program Files\WindowsPowerShell\Modules

 

 

ModuleType Version Name ExportedCommands

---------- ------- ---- ----------------

Script 1.0.1 Microsoft.PowerShell.Operation.V... {Get-OperationValidation, Invoke-OperationValidation}

Binary 1.1.2 Microsoft.PowerShell.SecretManag... {Register-SecretVault, Unregister-SecretVault, Get-SecretVault, Set-SecretVaultDefault...}

Binary 1.0.6 Microsoft.PowerShell.SecretStore {Unlock-SecretStore, Set-SecretStorePassword, Get-SecretStoreConfiguration, Set-SecretStoreConfiguration...}

 

 

PS C:\Users\incodebackup\Documents\Scripts\TUNet_Backup> Get-SCheduledTask | Format-List -Property *

 

 

State : Ready

Actions : {MSFT_TaskExecAction}

Author : WIN-M95PVJLVDAB\incodebackup

Date : 2026-01-27T15:28:35.7952875

Description : This task copies files out of the TUNET/datafile directory once a say to ARCHIBALD.

Documentation :

Principal : MSFT_TaskPrincipal2

SecurityDescriptor :

Settings : MSFT_TaskSettings3

Source :

TaskName : Daily TUNet Backup Copy

TaskPath : \

Triggers : {MSFT_TaskDailyTrigger}

URI : \Daily TUNet Backup Copy

Version :

PSComputerName :

CimClass : Root/Microsoft/Windows/TaskScheduler:MSFT_ScheduledTask

CimInstanceProperties : {Actions, Author, Date, Description...}

CimSystemProperties : Microsoft.Management.Infrastructure.CimSystemProperties

 

I execute Start-Transcript early in the script execution, and because of the crash(?), it is short enough to be included in its entirety:

 

**********************

Windows PowerShell transcript start

Start time: 20260127190002

Username: WIN-M95PVJLVDAB\incodebackup

RunAs User: WIN-M95PVJLVDAB\incodebackup

Machine: WIN-M95PVJLVDAB (Microsoft Windows NT 10.0.14393.0)

Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -NonInteractive -File C:\Users\Incodebackup\Documents\Scripts\TUNet_Backup\Copy-TUNetBackup.ps1 -daily -test

Process ID: 2084

PSVersion: 5.1.14393.3471

PSEdition: Desktop

PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.14393.3471

BuildVersion: 10.0.14393.3471

CLRVersion: 4.0.30319.42000

WSManStackVersion: 3.0

PSRemotingProtocolVersion: 2.3

SerializationVersion: 1.1.0.1

**********************

Transcript started, output file is C:\Users\Incodebackup\Documents\Scripts\TUNet_Backup\daily_2026-01-27_190002.log

2026/01/27 19:00:02 INFO 940 TUNet backup script started.

2026/01/27 19:00:02 INFO 941 Copy-TUNetBackup.ps1 Version: 6.0F

2026/01/27 19:00:02 INFO 942 Parameter qhourly: False

2026/01/27 19:00:02 INFO 943 Parameter hourly: False

2026/01/27 19:00:02 INFO 944 Parameter daily: True

2026/01/27 19:00:02 INFO 945 Parameter purge: False

2026/01/27 19:00:02 INFO 946 Parameter archive: False

2026/01/27 19:00:02 INFO 947 Parameter test: True

2026/01/27 19:00:02 INFO 1035 Creating mutex object.

2026/01/27 19:00:02 INFO 1037 Creating semaphore object.

2026/01/27 19:00:02 INFO 1058 Mutex timeout set: 300000

2026/01/27 19:00:02 INFO 1072 Attempting to acquire mutex to enter semaphore...

2026/01/27 19:00:02 INFO 1074 ...got the mutex!

2026/01/27 19:00:02 INFO 1075 Attempting to enter the semaphore...

2026/01/27 19:00:02 INFO 1077 ... got the semaphore!

2026/01/27 19:00:02 INFO 719 Release-Mutex: Attempting to release mutex...

2026/01/27 19:00:02 INFO 721 Release-Mutex: ...done.

2026/01/27 19:00:02 INFO 1090 Using TEST values for source and destination paths.

2026/01/27 19:00:02 INFO 1109 TUnet Source: \\192.168.100.46\Netbackup\Netbackup\Tantalus\test_src\datafile

2026/01/27 19:00:02 INFO 1110 ARCHIE Dest: \\192.168.100.46\Netbackup\Netbackup\Tantalus\test_dest\datafile

2026/01/27 19:00:02 INFO 1114 Attempt to acquire mutex to mount network shares...

2026/01/27 19:00:02 INFO 1116 ...got the mutex!

2026/01/27 19:00:02 INFO 1117 Opening SecretStore vault...!

2026/01/27 19:00:02 INFO 1120 ... vault opened!

2026/01/27 19:00:02 INFO 1121 Checking connection to \\192.168.100.46\Netbackup\Netbackup\Tantalus ...

2026/01/27 19:00:02 INFO 1126 ...not connected to \\192.168.100.46\Netbackup\Netbackup\Tantalus .

2026/01/27 19:00:02 INFO 1127 Get FULTON\incodebackup password...

**********************

Windows PowerShell transcript end

End time: 20260127190002

**********************

 

Now I will show you the script around line 1127 where it goes out into the weeds:

 

Write-Log -Level "INFO" -Message "$(__LINE__) Opening SecretStore vault...!"
$pw = Import-CliXml -Path '.\TUNet-Backup-Vault.xml' -Verbose
Unlock-SecretStore -Password $pw
Write-Log -Level "INFO" -Message "$(__LINE__) ... vault opened!"
#
# Statements omitted
#
Write-Log -Level "INFO" -Message "$(__LINE__) Get $archie_un password..."
try {
    $pw = Get-Secret -Name $archie_un -Verbose -Debug
} catch {
    $err_msg = "Get-Secret exception. Name: $archie_un Exception: $($_.Exception.Message)"
    Write-Log -Level "FATAL" -Message "$(__LINE__) $err_msg"
    throw $err_msg
}
Write-Log -Level "INFO" -Message "$(__LINE__) ...done!"

 

I was able to unlock the SecretStore, but Get-Secret fails. The very odd thing, besides not getting my password out of the SecretStore, is that there is no exception posted by PowerShell. I have no information at all about why my attempt did not work. If Get-Secret exited, then I would expect one of the two possible log messages printed in the transcript, but as you can see, the transcript ended.

 

Note: the entire script body is encapsulated in a try{} block, which has an associated finally{} block, which contains other logging commands that execute when the finally{} block is entered, but in the scheduled task instance, nothing.

 

If anyone can tell me how to make Get-Secret work, that would be great, but I'll settle very gratefully for some way to get more information from this system to try to figure out why it is not, that would be most helpful.

 

Additional information supplied on request.
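
One way to get more information out of the scheduled run, added here as an example and not part of the original post or the poster's script. Write-Diag, Get-VaultSecretLogged and the secret-diag.log path are hypothetical names; the function is meant to be called after Unlock-SecretStore, in place of the bare Get-Secret call.

```powershell
# Added example (not from the original script). The log path is an assumption.
$DiagLog = Join-Path $PSScriptRoot 'secret-diag.log'

function Write-Diag([string]$Text) {
    # Add-Content writes each line straight to disk, so the record survives
    # even if the host exits before the transcript or a finally{} block runs.
    Add-Content -Path $DiagLog -Value ("{0:s} {1}" -f (Get-Date), $Text)
}

function Get-VaultSecretLogged {
    param([Parameter(Mandatory)][string]$Name)

    # Record the context the task really runs in: account, host type, working directory.
    Write-Diag ("user={0} interactive={1} cwd={2}" -f [Environment]::UserName,
        [Environment]::UserInteractive, (Get-Location).Path)
    $mods = Get-Module -ListAvailable -Name 'Microsoft.PowerShell.Secret*' |
        ForEach-Object { "$($_.Name) $($_.Version)" }
    Write-Diag ("modules: " + ($mods -join ', '))

    try {
        # Which authentication and interaction settings apply to this user's store.
        $cfg = Get-SecretStoreConfiguration -ErrorAction Stop
        Write-Diag ("store: auth={0} interaction={1} timeout={2}" -f $cfg.Authentication,
            $cfg.Interaction, $cfg.PasswordTimeout)
        Write-Diag ("vaults: " + ((Get-SecretVault -ErrorAction Stop).Name -join ', '))

        # -ErrorAction Stop turns non-terminating errors into exceptions that catch{} sees.
        # -Debug is left out: in Windows PowerShell 5.1 it sets $DebugPreference to
        # Inquire, which asks the host for input.
        $secret = Get-Secret -Name $Name -ErrorAction Stop
        Write-Diag "Get-Secret '$Name' returned type $($secret.GetType().FullName)"
        return $secret
    }
    catch {
        Write-Diag "FAILED: $($_.Exception.GetType().FullName): $($_.Exception.Message)"
        Write-Diag $_.ScriptStackTrace
        throw
    }
}
```

Only the type of the returned object is logged, never the secret value itself.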

 

 

1 Reply

  • I wrote a blog post about this a few years back. I added a note back then:

    This only works when the vault is not protected by a password, you can remove the password from the vault by using:

    Set-SecretStoreConfiguration -Authentication None

    (https://powershellisfun.com/2022/07/07/using-the-powershell-secretmanagement-module/)
