RE: Problem reading encrypted credentials from registry
From: Matthew (Matthew_at_discussions.microsoft.com)
Date: Tue, 29 Jun 2004 08:26:54 -0700
"David Coe, MCP" wrote:
> The user that you are running ASP.NET as (ASPNET, or some customer user) will need to have access to the registry to read it.
I tried a number of times to set permissions for the Network service account. but it failed to access it each time. Finally, after a 3 week vacation I tried again and was successful. I think my problem was that I set the permissions to high on the registry tree. Setting them on the lowest branch lead to success.
I did run into another problem with the password. I could read it from the registry but it could not create a valid user token from it. This even though when I used the same password as a simple string it would create the user. After some experimentation I discovered that the percent character "%" which I had included in the password was causing the problem. Changing that to another character alowed the password to be read correctly. I am not sure where the "%" was causing the problem (encryption, storage, retrieval, decryption) but changing it took care of my problems.
Thanks for the assistance.