Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
Article ID: 867651 - Last Review: December 26, 2006 - Revision: 1.3
You cannot add a TLS certificate to a computer that is running Office Live Communications Server 2003
When you try to add a Transport Layer Security (TLS) certificate to the
Authentication tab of a computer that is running Microsoft Office Live Communications Server 2003, you may receive the following error message:
Live Communications Server Snap-in cannot save some or all of the settings.
This problem occurs because you do not have access to the following object:
\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\GUID
This key has permissions set to full control only for the user account that added the actual certificate to the local machine store.
To resolve this problem, you must grant permissions to the following object:
\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\GUID
You must grant permissions to this object if the following conditions are true:
- You are installing Office Live Communications Server 2003.
- You are not using the same account that you used to add the TLS certificate to the local machine store.
You must grant the installing account full control to the following object before you can add the TLS authentication method:
\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\GUID
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
You can use the Sysinternals Filemon utility to determine the GUID you must grant access to. To do this, filter on the Wmiprvse.exe process ID that is owned by NETWORK SERVICE while you reproduce the error.
To obtain the Sysinternals Filemon utility, visit the following Sysinternals Web site:
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
APPLIES TO
- Microsoft Office Live Communications Server 2003
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate