When you use the "New" flag with NCRYPT_SILENT_FLAG, you guarantee that no dialog boxes pop up. This is critical for Windows services running under SYSTEM or LOCAL SERVICE accounts that have no desktop interaction.
| Parameter | Required | Description |
| :--- | :--- | :--- |
| --provider-name | Yes | Unique logical name for the provider (used by mount commands). |
| --backend | Yes | Storage backend for the encrypted blocks. |
| --cipher | No (default: aes-256-gcm) | Authenticated encryption algorithm. |
| --key-source | Yes | Source of the root encryption key. |
| --auto-unseal | No (default: false) | If true, uses a trust-on-first-use (TOFU) model. |
| --quota | Yes | Maximum size of the encrypted storage pool. |
| --policy | No | Path to a HashiCorp Sentinel or OPA policy for access rules. | ncryptopenstorageprovider new
When you call NCryptOpenStorageProvider: When you use the "New" flag with NCRYPT_SILENT_FLAG