Article ID: 265357 - View products that this article applies to.
This article was previously published under Q265357
If you are using a roaming user profile and the "Delete roaming profile cache" policy is in use, the CryptAcquireContext call does not succeed and returns an "NTE_TEMPORARY_PROFILE" error message.
This problem becomes apparent when a user requests a certificate using either the Certificate Services web pages or the Certificates MMC snap-in.
The Certificate Services Web pages will return the following error:
The Certificates MMC snap-in will return the following error:
An error occurred while creating the certificate request. Please verify that your CSP supports any settings you have made and that your input is valid.
Error: 0x080090024 - (unknown)
The certificate request cannot be created. The profile for the user is a temporary profile.
In this instance, Windows 2000 does not properly account for PT_ROAMING being returned from GetProfileType.
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
260910The English version of this fix should have the following file attributes or later:
(http://support.microsoft.com/kb/260910/EN-US/ )How to Obtain the Latest Windows 2000 Service Pack
Date Time Version Size File name -------------------------------------------------------- 07/11/2000 01:54pm 5.0.2195.2101 131,856 Rsabase.dll
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 2.
For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/249149/EN-US/ )Installing Microsoft Windows 2000 and Windows 2000 Hotfixes
This error also occurs if the user is a member of the Guests or Domain Guests group, but this is by design. Certificates and the associated private keys are stored in a secured location in the user's profile. If the user is a member of the Guests or Domain Guests groups, then the system marks the profile as temporary which means it will be deleted when the user logs off. Windows 2000 will not allow you to save a private key to a temporary profile because it will not persist from logon session to logon session.