Receiving the following error:
"Authentication error: you are not allowed to register your authentication key pair."
"Error code: 0x8200200b"
QESSO was most likely unable to write data under the user account, suggesting missing permissions on the user object.
Ensure that the user object is inheriting permissions from the parent:
1) Open Active Directory Users and Computers (ADUC)
2) Right-click on the user who is experiencing the error
3) Select "Properties"
4) Select the "Security" tab and then click "Advanced"
5) Click to select the check box "Include inheritable permissions from this object's parent" if it is not already checked.
This problem occurs when ACLs heritage is lost for the user in the Active Directory.
To reestablish the ACLs heritage for the object corresponding to the user in the Active Directory:
- Execute Users and Computers Windows management console
- In View menu select Advanced Features mode and select the user
- Edit the user Properties (in the example, user is "dupond")
- Select Security tab
- Click Advanced button
- Click Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here.
See attached images.
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback Conditions d’utilisation Confidentialité