CSOCurrent en:Persisting the Client Store across Terminal Server Sessions: Unterschied zwischen den Versionen
Keine Bearbeitungszusammenfassung |
Keine Bearbeitungszusammenfassung |
||
Zeile 10: | Zeile 10: | ||
= Data related to Microsoft DPAPI = | = Data related to Microsoft DPAPI = | ||
The client.store file located in `%appdata%\ | The client.store file located in `%appdata%\Pointsharp\Cryptshare for Outlook\client.store` is only readable if the user's DPAPI keys are available. When a Roaming User Profile has been deployed, this happens automatically. Otherwise, it is your responsibility to make sure the keys are available across sessions. The keys are located in `%APPDATA%\Microsoft\Protect\{SID}`. | ||
{{NoteBox|title=|content=If the DPAPI keys are not properly persisted, Cryptshare for Outlook with throw the following error when attempting to read the contents of the Client Store:<br /> | {{NoteBox|title=|content=If the DPAPI keys are not properly persisted, Cryptshare for Outlook with throw the following error when attempting to read the contents of the Client Store:<br /> | ||
<pre>Code = 170 Message = Can't read from the client store!</pre> | <pre>Code = 170 Message = Can't read from the client store!</pre> | ||
}} | }} |
Aktuelle Version vom 6. Juni 2023, 08:27 Uhr
Overview
The Client Store, usually located in `%APPDATA%\Pointsharp\Cryptshare for Outlook\client.store`, is used by Cryptshare for Outlook to store the verification token of each user/server combination. The existence and validity of this file ensures that a Cryptshare for Outlook user does not always have to perform a Verification.
In order to protect the contents of the file from unauthorized access, Cryptshare for Outlook utilises the Microsoft Data Protection API with the DataProtectionScope of CurrentUser. This means that the contents of the Client Store can only be unprotected by the same domain user who protected the contents of the file.
Due to how most commercial terminal server solutions work, it is quite common for a user's session to be located on a different physical server every time they log in. It is therefore crucial to have mechanisms in place that ensure user-specific data to be available within the user's session, no matter which physical server the user is connected to. This is usually done by deploying Roaming User Profiles.
We recommend to persist the directory `%APPDATA%\Pointsharp\Cryptshare for Outlook` across sessions. This ensures user-defined information such as name and phone number as well as the transfer history to be available no matter where the user's session is located.
The client.store file located in `%appdata%\Pointsharp\Cryptshare for Outlook\client.store` is only readable if the user's DPAPI keys are available. When a Roaming User Profile has been deployed, this happens automatically. Otherwise, it is your responsibility to make sure the keys are available across sessions. The keys are located in `%APPDATA%\Microsoft\Protect\{SID}`.
Code = 170 Message = Can't read from the client store!