aspreg_iis -pa "NT Authority\Network Service" + Windows Server 2000

M

mike55

Contributor
Joined
Mar 26, 2004
Messages
727
Location
Ireland
I am using a windows 2000 server on which I am deploying a simple web application with some of the web.config elements encrypted.

I have generated a machine level key container using the following:
Aspnet_regiis –pc “CustomKeys” –exp

I have exported the key to my server using:
Aspnet_regiis –px “CustomKeys” “C:\temp\CustomKeys.xml” –pri
and
Aspnet_regiis –pi “CustomKeys” “C:\temp\CustomKeys.xml”

I have granted access to the Custom Key Store to the ASPNET account using:
Aspnet_regiis –pa “CustomKeys” “ASPNET”

However, when I try to do the same for the "NT Authority\Network Service" account I am prevented from doing so.

Apparently "NT Authority\Network Service" does not exist for Windows 2000 server. What should I be using instead?

Mike55.
 
Thanks for the reply Nate. "Network Service" is only available from Windows 2003 server onwards. I also tried to register the account using the aspnet_regiis -ga "Network Service" command but got back an error message telling me that the account does not exist.

Mike55.
 
Getting a Parser Error Message: Failed to decrypt using provider 'Rawhide'. Error message from the provider: The RSA key container could not be opened.

Mike55.
 
Are you doing any impersonation in your Web.config file?

Do you have annoynmouse access setup for your site? if so, does that have use a specific account (like domain\specialuser)?

If so, you may need to aspreg those accounts as well.
 
Allowed both of those accounts. I believe that what I am trying to do is not allowed by windows 2000 server. Trying to get access to a 2003 server and I am going to repeat the same steps and see from there.

Mike55.
 
Solved the problem, it would appear that I must register the name of the "CustomKey" rather than the Key name.

Mike55.
 
Back
Top