Manually have to give users read permissions

[mebenz]

After upgrading to Microsoft Dynamics version 9, none of our regular users could log into Dynamics (got to the login window, then received login error). Power users could. After many hours and tests with filemon, regmon etc., it was determined that the users getting the error were getting access denied on the following folder:

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

What is this and wouldn't authenticated users be able to read these keys without physically changing the permissions?

 

[itsp1965]

It is possible that Dynamics is adding a certificate key which in this case requires more than read access to said folder
Although directly not applicable to Dynamics this MS article should shed some light

http://support.microsoft.com/kb/867651

Hope this helps.

 

[mebenz]

I believe Dynamics adds the key during the installation, but each user does not create a new key; They just need to be able to access it. When I changed to read permissions, we had no issues (before Everyone group was set to no access). This is brand new to version 9 as version 8 of the software did not have this issue.