Issues with the TridionRsaContainer registration!

Scenario

We’d copied a CM instance (VirtualMachine) from the PRD environment and placed this into the UAT environment, all configurations done as we’d tested and expected.

To avoid getting the error stating that the [clientUATdomain]\MTSUser does not have access to the tridion.security configuration setting we executed the TridionRsaContainer command

aspnet_regiis -pa "TridionRsaKeyContainer" "[clientUATdomain]\MTSUser"

This failed with the MTSUser. On confirming we had the correct [domain]/username/password and further investigation we found that no-one knew the actual account that had been used to install SDL Tridion 2011 CM. We needed this account so we could log into the UAT CM machine in order to give the MTSUser access to the tridion.security configuration setting. This is because this config setting is protected using this windows functionality : http://msdn.microsoft.com/en-us/library/yxw286t2(v=vs.100).aspx

Solution
We could see that file in question is actually a file in c:\programdata\microsoft\crypto\rsa

This file is accessible only to a small number of users (the production domain mtsuser had access to it). So we tried this:

  • log in on the PRD machine as the production domain mtsuser
  • export the rsa key via this command
aspnet_regiis -px "TridionRsaKeyContainer" keys.xml -pri

We then placed this keys.xml file onto the UAT CM box and then executed the import command

aspnet_regiis -pi "TridionRsaKeyContainer" c:\temp\keys.xml

and finally, the following command

aspnet_regiis -pa "TridionRsaKeyContainer" "[clientUATdomain]\MTSUser"

So, on booting up the CM Browser… boom… We got an error in the GUI after a quick dig into the respective ‘Tridion Configuration’ error in the Event system … we then executed

aspnet_regiis -pa "TridionRsaKeyContainer" "nt authority\network service"

Quick restart of the services and all is well again.

The motto of the story – DO NOT ‘LET SLIP‘ WHICH USER INSTALLED THE CM – especially if you want to clone the machine during a setup!

If you’ve had a similar experience we’d be very interested to hear if there are other ways around this – other than simply re-installing the CM with a noted user :)

Special thanks to Harald Hoffelinck on this solution!

Content Porter: The partner transaction manager has disabled its support for remote/network transactions

I recently installed Content Porter 2009 SP2 Server and Client on the same server as the SDL Tridion Content Manager(CM) 2011 SP1.

Exporting worked totally fine, the zip was created and sat there just dying to be imported… so I thought ‘great, just a quick test of importing and I’m done’.

Continue reading

Translating Page URLs without Localizing Pages

A piece of advise that I learned from a wise Tridion sensei is that it’s not a good practice to localize pages in Tridion if you have a multi-lingual site (though there is an exception to this rule which I’ll discuss below).  The reason for this is simple: you lose the ability to centrally manage your site from the Master web publication.  Once a page is localized, you have to manage it individually, which is not ideal if you want to centrally update component presentations on a page across all the language sites.  So what do you do if you want to obey the rule of not localizing pages and your customer asks to have localized/translated URLs? 

Continue reading

Fixing a busted Tridion publisher

So I have to work this evening… want to know why? Because today my Tridion virtual machine magically stopped publishing after a reboot, I could smell Java libraries from the start!

Let me explain…

I went to bed feeling pretty satisfied after a long, hard day of coding. Same as any other day I simply closed the lid of my laptop to send my computer into hibernation, I foolishly (I admit) left my VM running.

Continue reading

“Inheriting” Metadata on Organizational Items

Recently I had a customer ask me for a rather simple feature – the ability to have Tridion folders and structure groups inherit the metadata schema and values from their parent. This would be only when creating new organizational items and obviously we want to show these default values on screen when editing.

Having spent the past few months completely buried in Anguilla/CME extensions, I obviously started thinking of implementing this by extending a whole bunch of Anguilla Commands and going all crazy on Javascript.

Continue reading