Microsoft KB Archive/265357

= Roaming Profiles Cannot Create Key Containers =

Article ID: 265357

Article Last Modified on 2/20/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition

-



This article was previously published under Q265357



SYMPTOMS
If you are using a roaming user profile and the &quot;Delete roaming profile cache&quot; policy is in use, the CryptAcquireContext call does not succeed and returns an &quot;NTE_TEMPORARY_PROFILE&quot; error message.

This problem becomes apparent when a user requests a certificate using either the Certificate Services web pages or the Certificates MMC snap-in.

The Certificate Services Web pages will return the following error:

An error occurred while creating the certificate request. Please verify that your CSP supports any settings you have made and that your input is valid.

Suggested cause:

No suggestion.

Error: 0x080090024 - (unknown)

The Certificates MMC snap-in will return the following error:

The certificate request cannot be created. The profile for the user is a temporary profile.



CAUSE
In this instance, Windows 2000 does not properly account for PT_ROAMING being returned from GetProfileType.



RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English version of this fix should have the following file attributes or later:   Date        Time     Version        Size     File name 07/11/2000 01:54pm  5.0.2195.2101  131,856  Rsabase.dll



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 2.



MORE INFORMATION
For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the article number below to view the article in the Microsoft Knowledge Base:

249149 Installing Microsoft Windows 2000 and Windows 2000 Hotfixes

This error also occurs if the user is a member of the Guests or Domain Guests group, but this is by design. Certificates and the associated private keys are stored in a secured location in the user's profile. If the user is a member of the Guests or Domain Guests groups, then the system marks the profile as temporary which means it will be deleted when the user logs off. Windows 2000 will not allow you to save a private key to a temporary profile because it will not persist from logon session to logon session.

Keywords: kbhotfixserver kbqfe kbbug kbfix kbwin2000presp2fix KB265357

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.