Error Using DPAPI (User Store) from ASP.NET with Enterprise Services

H

HardBap

I'm following the MSDN Article here:

<link>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT08.asp
</link>

All works fine until I try an decrypt the string. I get this error:

<error>
Exception: Exception decrypting.Exception decrypting. Decryption
failed. Unable to update the password. The value provided for the new
password does not meet the length, complexity, or history requirement
of the domain.
</error>

If anyone can shed some light on this it will be much appreciated.

Thanks.
 
C

CodeMeister

The issue may be the accounts that are encrypting/decrypting the data. In
order to use the user store the user's profile needs to be loaded. If you
are using service accounts for the encryption/decryption they will not by
default have a profile. This would cause the password/entropy value to be
null. This will cause an error when attempting to decrypt. I'm not sure if
it would have any effect on the encryption. I would recommend the machine
store for ASP.Net applications even though it is not as secure.

IHTH

Jon
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Error running Decrypt with DPAPI 2
"Length of the data to decrypt is invalid." when trying to decrypt TripleDes algorithm 7
CryptProtectData failed when calling from ASP.NET 2
Domain user account running ASP.NET 1.1 1
Using SQL trusted connections with ASP.NET 5
Forms Authentication 1
using enterprise services in asp.net 0
Forms authentication with Active Directory 1

Top