Error Using DPAPI (User Store) from ASP.NET with Enterprise Services

  • Thread starter Thread starter HardBap
  • Start date Start date
H

HardBap

I'm following the MSDN Article here:

<link>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT08.asp
</link>

All works fine until I try an decrypt the string. I get this error:

<error>
Exception: Exception decrypting.Exception decrypting. Decryption
failed. Unable to update the password. The value provided for the new
password does not meet the length, complexity, or history requirement
of the domain.
</error>

If anyone can shed some light on this it will be much appreciated.

Thanks.
 
The issue may be the accounts that are encrypting/decrypting the data. In
order to use the user store the user's profile needs to be loaded. If you
are using service accounts for the encryption/decryption they will not by
default have a profile. This would cause the password/entropy value to be
null. This will cause an error when attempting to decrypt. I'm not sure if
it would have any effect on the encryption. I would recommend the machine
store for ASP.Net applications even though it is not as secure.

IHTH

Jon
 
Back
Top