RMS Console - Error when adding servers to credentials database

Article:TECH183282  |  Created: 2012-03-08  |  Updated: 2012-03-08  |  Article URL http://www.symantec.com/docs/TECH183282
Article Type
Technical Solution


Environment

Issue



When adding servers to the credential database a Cryptographic error occurs


Error



Exception: Cryptography initialization failed: access denied to the 'BindView' cryptographic key-container, which is normally accessible only to Administrators in CBVProcessManager


Environment



RMS Console - Credential DB - ControlCompliance Suite (CCS) 10.5.1


Cause



This error occurs due to a file system permission. The user that the service called "Symantec RMS Process Manager" runs under need access to some fo the cryptographic files.


Solution



  1. Go to services and open the properties of the service called "Symantec RMS Process Manager"
  2. Click on "Log On" tab
  3. Verify the user name (by default it will runs as Local System Account) if not note the user name.
  4. Go the the File System to the folder called:
    1. On Windows 2008 = C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
    2. On Windows 2003 = C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
  5.  Locate a file with name starting by "114fb2f290c4eb42ff9a8e937b320d73" (each file name finishing by a unique id. i.e. "114fb2f290c4eb42ff9a8e937b320d73_ca7d0021-856a-4b3e-852a-7e18de46f54b"
  6. Open this file with notepad and check that it contains the string "Bindview"
    1. Example of a file
  7. Close Notepad
  8. Right click on Properties for this file
  9. Click on Security tab
  10. Make sure the user called "SYSTEM" has Full Control (if you running as Local System service)
  11. Else add the user that the service uses to the permission list with Full control
  12. Close this Windows
  13. Restart the Symantec RMS Process Manager Service

 

You can go back to the Credential Database and add agents credentials without this error occuring anymore.




Article URL http://www.symantec.com/docs/TECH183282


Terms of use for this information are found in Legal Notices