Application log Event ID 513 from CAPi2

Discussion in 'Windows Server' started by Sejong, Oct 24, 2008.

  1. Sejong

    Sejong Guest

    After the Active Directory Domain Services (AD DS) role is added to a Windows
    Server 2008 server, running vssadmin list writers generates output that does
    not include System Writer and generates Event ID 513 from CAPi2 in the
    Application log. Text of this event: Cryptographic Services failed while
    processing the OnIdentity() call in the System Writer Object.

    Prior to adding the AD DS role, running vssadmin list writers generates
    output that does include System Writer and does not generate Event ID 513.

    Permissions on the Registration folder in the Windows folder (%windir%) are
    as shown below. In all cases the permission are shown under Special
    permissions, are <not inherited>, and apply to This folder and files
    Everyone: List folder / read data, Read attributes, Read extended
    attributes, and Read permissions
    Administrators (DomainName\Administrators): Full Control
    SYSTEM: Full control

    I think this is a permissions issue. Event ID 513 is generated by the
    Cryptographic Services service (CryptSvc), which runs under the Network
    Service Account. I believe the Network Service Account runs with the
    permissions of the Authenticated Users group. However, adding the
    Authenticated Users group with Full control permissions to the Registration
    folder doesn't eliminate the error.
    Sejong, Oct 24, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.