Hi,
Which user did you used to Manage Published certificates in ADUC?
Did you have the same issue if you use the built-in administrator or members in the administrators group?
Best Regards,
Managing Published certificates in ADU
Hi all,
i'm currently facing an issue, where I'm totally stuck with my research.
In our domain, I've got a bunch of Users where I can not manage the published certificates in ADUC.
What I do is:
Open Properties of a User
Click on "Published Certificates"
Get this infobox:
"You do not have sufficient rights to open the certificate store for changes. Windows will attempt to open the store in read-only mode."
On one hand side, the message is really clear, but on the other side, I just don't know where to change the permissions.
I face this issue, only on persons which have domain admin rights, but nothing change after removing them from the group (even after days not).
I would be thankful for any hint!
3 answers
Sort by: Most helpful
-
Fan Fan 15,361 Reputation points Microsoft Vendor
2021-05-05T00:22:37.62+00:00 -
MTG 1,231 Reputation points
2022-06-17T13:40:47.86+00:00 Same here. Solution is to start mmc (and load the ADUC snapin) as computer account, in my case as system account on the DC that happens to be the CA.
-
Janosch 1 Reputation point
2022-06-20T07:34:14.037+00:00 Sorry for the late reply, but I've found a solution quite some time ago.
In our case there was a "Deny" permission entry on "Write userCertificate" in the secuirty settings of the specific users.