10.5 Folder Permissions - MachineKeys

During installation of Privilege Manager 10.5 (or an upgrade from prior versions) Privilege Manager attempts to create a new self-signed certificate for internal use. If permissions on the folder %ProgramData%\Microsoft\Crypto\RSA\MachineKeys are incorrect, the install fails with a cryptographic exception and the text Access Denied.

Follow the steps below to add Everyone (Read, Write, This Folder Only) permissions to %ProgramData%\Microsoft\Crypto\RSA\MachineKeys.

  1. Browse to %ProgramData%\Microsoft\Crypto\RSA\MachineKeys.

  2. Right-click on the folder and select Properties.

  3. Select the Security tab and click the Advanced button.

  4. On the Permissions tab, click Change permissions. (If you are already running as an administrator, you may not need this step.)

  5. On the Permissions Tab, click Add.

  6. On the next dialog, click the Select a principal link.

  7. In the Enter the object name to select field, type Everyone and click OK.

  8. You will see the dialog shown below, select This folder only and Read and Write.

    Permission Entry for MachineKeys

  9. Click OK to add the entry.

  10. Click Apply to apply the changes.

  11. Navigate back to the Privilege Manager Setup page and select the repair option for the Privilege Manager Server Core Solution.