Encrypting the GCS Credentials - Web Services Publishing - English - Foundation 22.1 - OnBase - external

Web Services Publishing

Web Services Publishing
Foundation 22.1

It is possible to encrypt your GCS credentials and reference the stored credentials' location within the registry.


Full details on creating encrypted account registry keys are available in the Microsoft article: “How to use the ASP.NET utility to encrypt credentials and session state connection strings” available at: http://support.microsoft.com/kb/329290/

To manually configure impersonation, complete the following steps:

  1. From a command line, change the directory to the location where the aspnet_setreg.exe tool resides. A copy of this tool is provided in the ..\utilities\MISC subdirectory of the Core Services build.
  2. Enter the following command, where username is the user name of your GCS account, and password is the password for your GCS account.
    aspnet_setreg.exe -k:SOFTWARE\Hyland\GCS\Identity -u:"username" -p:"password"
  3. Open a Run dialog box and enter regedt32.
  4. Grant the application pool's identity account Read permissions to the appropriate registry key.
    • In 32-bit environments, grant the Read permission on HKLM:SOFTWARE\Hyland\GCS\Identity\ASPNET_SETREG.

    • In 64-bit environments, grant the Read permission on HKLM:SOFTWARE\Wow6432Node\Hyland\GCS\Identity\ASPNET_SETREG.

    The aspnet_setreg utility automatically stores the encrypted credentials in these keys.

    If the application pool is configured to use the built-in ApplicationPoolIdentity account, then the IIS_IUSRS group (or the individual users within that group) must be granted Read access to the registry key. Depending on your system's configuration, it may be more secure to grant Read access to a single user, rather than the entire IIS_IUSRS group.


    Modify the registry at your own risk. Incorrectly editing the Windows registry can cause serious problems that may require you to reinstall your operating system. Be sure to back up the registry before making any changes to it. For more registry information, see the following Microsoft articles: http://support.microsoft.com/kb/256986 and http://technet.microsoft.com/en-us/library/cc725612.aspx