Re: How can Guest use encryption?

From: sean (seanecovel_at_comcast.net)
Date: 02/18/05 

Date: Fri, 18 Feb 2005 15:29:32 -0500
To: lelteto <lelteto@discussions.microsoft.com>

You are correct sir!

Thanks,

Sean

lelteto wrote:
> You don't need a key store if you use CryptAcquireContext with
> CRYPT_VERIFYCONTEXT.
>
> Laszlo Elteto
> SafeNet, Inc.
>
> "sean" wrote:
>
>
>>I have a Windows 2000 kiosk PC that is logged-in as Guest. I have a C++
>>application that uses the Crypto API to encrypt communication over the
>>Internet. When the application tries to create the keystore so the key
>>can be imported and used I get the error:
>>
>>0x80090024 - The profile for the user is a temporary profile.
>>
>>The only information I can find about this error is this:
>>
>><http://support.microsoft.com/default.aspx?scid=kb;en-us;265357>
>>
>>The relevant paragraph:
>>
>>This error also occurs if the user is a member of the Guests or Domain
>>Guests group, but this is by design. Certificates and the associated
>>private keys are stored in a secured location in the user's profile. If
>>the user is a member of the Guests or Domain Guests groups, then the
>>system marks the profile as temporary which means it will be deleted
>>when the user logs off. Windows 2000 will not allow you to save a
>>private key to a temporary profile because it will not persist from
>>logon session to logon session.
>>
>>I need to create a keystore just so I can import my pre-shared key. I
>>use the key, then delete it. Its a temporary thing. Not allowing Guest
>>to create a keystore just because it will get deleted on logout seems to
>>me to be a very limiting restriction, and for no apparent reason.
>>
>>Is there any way around this problem?
>>
>>Thanks,
>>
>>Sean
>>

Relevant Pages

  • RE: CryptAcquireContext() question.
    ... NTE_TEMPORARY_PROFILE (The profile for the user is a temporary profile). ... This error also occurs if the user is a member of the Guests or Domain ... because it will not persist from logon session to logon session. ...
    (microsoft.public.platformsdk.security)
  • RE: How can Guest use encryption?
    ... "sean" wrote: ... > This error also occurs if the user is a member of the Guests or Domain ... > private keys are stored in a secured location in the user's profile. ... > I need to create a keystore just so I can import my pre-shared key. ...
    (microsoft.public.platformsdk.security)
  • Re: How can Guest use encryption?
    ... >>This error also occurs if the user is a member of the Guests or Domain ... >>private keys are stored in a secured location in the user's profile. ... >>logon session to logon session. ...
    (microsoft.public.platformsdk.security)
  • Re: How can Guest use encryption?
    ... >>This error also occurs if the user is a member of the Guests or Domain ... >>private keys are stored in a secured location in the user's profile. ... >>logon session to logon session. ...
    (microsoft.public.platformsdk.security)
Loading