I'm developing a .NET 4.5 desktop application (WPF). I successfully created a custom section from which I can load/edit data in the App.config. Now I want to encrypt this section and managed to do so with the DPAPI:

    SectionInformation secInfo = Section.SectionInformation;
    if (!secInfo.IsProtected)
    {
        // Encrypt the section with the built-in DPAPI provider
        secInfo.ProtectSection("DataProtectionConfigurationProvider");
        secInfo.ForceSave = true;
    }

However, when I try to decrypt this App.config on another machine - but with the same user (Active Directory), this fails. I don't have the specific error message at hand - I believe it ain't necessary at all, because it seems obvious to me that this is a failure due to the "use machine store" flag which I don't know how to turn off.
I tried so by adding a configProtectedData in my app.config, like this:

    <configuration>
      <configProtectedData>
        <providers>
          <add useMachineProtection="false" keyEntropy="" name="MyUserDataProtectionConfigurationProvider"
               type="System.Configuration.DpapiProtectedConfigurationProvider, System.Configuration,
                     Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
        </providers>
      </configProtectedData>
    </configuration>

I then changed

    secInfo.ProtectSection("DataProtectionConfigurationProvider");

to

    secInfo.ProtectSection("MyUserDataProtectionConfigurationProvider");

However, I get the IntelliSense error "the 'useMachineProtection' attribute is not allowed." in the App.config and I get a TypeInitializationException in System.Windows.Application.ApplicationInit() in System.Windows.Application..ctor() when I start the application. I read that I have to run a console command to encrypt the file with the custom ProtectionProvider, but these tutorials were all about ASP.NET, so I'm not sure this will suit my needs.
I'm kinda stuck here. This API is kinda neat, because I don't have to bother about how and when to decrypt - I just read the values from the section and the rest is done automatically. Long story short: How to encrypt with DPAPI user-store, or if not possible: what's an easy-to-implement alternative?
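
For reference, an added example that is not part of the original post: calling DPAPI directly through `ProtectedData` with `DataProtectionScope.CurrentUser`, the user-store scope the question asks about, and treating a failed decrypt as an expected outcome. A user-scoped blob can only be unprotected where that user's DPAPI master key is available (on a second machine that typically means a roaming profile), so the read path must handle `CryptographicException`. The class name, method names, entropy string and sample value are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;   // requires a reference to System.Security.dll
using System.Text;

// Hypothetical helper, not code from the question.
static class UserScopedSecret
{
    // Constructed sample entropy: extra input mixed into the protection.
    // Code running as the same user must supply the same bytes to unprotect.
    static readonly byte[] Entropy = Encoding.UTF8.GetBytes("MyApp.ConfigSection.v1");

    // Encrypts under the calling user's DPAPI master key, not the machine key.
    public static string Protect(string plainText)
    {
        byte[] data = Encoding.UTF8.GetBytes(plainText);
        byte[] blob = ProtectedData.Protect(data, Entropy, DataProtectionScope.CurrentUser);
        return Convert.ToBase64String(blob);
    }

    // Returns false instead of throwing when the blob is malformed or was
    // protected under a key that is not available in this logon session.
    public static bool TryUnprotect(string base64Blob, out string plainText)
    {
        plainText = null;
        try
        {
            byte[] blob = Convert.FromBase64String(base64Blob);
            byte[] data = ProtectedData.Unprotect(blob, Entropy, DataProtectionScope.CurrentUser);
            plainText = Encoding.UTF8.GetString(data);
            return true;
        }
        catch (CryptographicException) { return false; }  // wrong user, machine or entropy
        catch (FormatException) { return false; }         // value is not valid base64
    }

    static void Main()
    {
        // Constructed sample value; the base64 string is what would be stored in App.config.
        string stored = Protect("Server=db01;Password=constructed-sample");

        string recovered;
        bool ok = TryUnprotect(stored, out recovered);
        Console.WriteLine("Round trip succeeded: {0}", ok);

        // A tampered or foreign blob is rejected rather than crashing startup.
        bool bad = TryUnprotect(Convert.ToBase64String(new byte[] { 1, 2, 3 }), out recovered);
        Console.WriteLine("Foreign blob accepted: {0}", bad);
    }
}
```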