The content manager uses the .NET encryption key to encrypt sensitive configuration data, such as passwords. By default, nothing is encrypted. The following user accounts automatically access this encryption key:
- The system account of any Content Manager (including the Content Manager user account and user impersonation accounts created during installation).
- The user account that the installer originally ran
Using configuration encryption functionality is completely transparent if the following is true:
- The user account that runs the Tridion MMC Snap-in SDL is the same user account that the installer originally launched.
- A user running various Windows SDL Tridion services does not change from the default.
If you want to start Snap-in and / or Windows services as a user other than the specified one, you must give the new user access to the encryption key. To provide this access, log in as the user account of the user who started the installer initially, or as another, similarly authorized user with access to the encryption key and performed the following:
- Open a Windows command prompt.
- Change to the directory on your computer where the version of the .NET Framework is installed (subdirectory
C:\Windows\Microsoft.NET\Framework\ or C:\Windows\Microsoft.NET\Framework64\ ). - Enter the following command:
aspnet_regiis -pa "TridionRsaKeyContainer" "<domain>\<account>" where <domain> is the domain of this user and <account> is the username of the user.
Jrw
source share