Home / server / Questions / 783041
Accepted
Jack B Nimble
Asked: 2016-06-10 09:25:20 +0800 CST

RemoteApp and encrypted connection strings in the machine.config

  • 772

We have several applications which use encrypted connection strings from with the machine.config on the server.

Now we are starting to experiment with RemoteApps, but are getting the error:

enter image description here

Whenever a non-Adminstrator user attempts to connect to the app.

How do I get a normal domain user to be able to access the encrypted connection strings in the server's machine.config via a RemoteApp?

windows-server-2008 remote-desktop-services

1 Answers

  1. Best Answer

    I eventually was able to find that I needed to allow the user access to the RSAProviderName in order to decrypt the connectionStrings block. The answer came from this Microsoft Blog

    “Failed to decrypt using provider ‘RsaProtectedConfigurationProvider’.
 Error message from the provider: The RSA key container could not be opened

    Fortunately the ASPNet_regiis tool gives us the option to add users to the ACL of the key containers using the –pa parameter.

    For example to give access to the ASPNET user

    aspnet_regiis -pa “<key container name>” “ASPNET”

    The <key container name> can be found in the machine.config under the <configProtectedData> under the property keyContainerName

    • 0