Code 0x80090016

1/7/2022by admin

Comments

Error 0x80090016 is an error that appears due to various reasons such as: B. Corrupted system files or bad sectors. The error can occur whenever the connection between your operating system and the hard drive is interrupted. Hi, I've migrated Windows 10 users onto a new domain after the server was rebuilt and a new domain was created. After copying the old profile to the new profile-all of the users are having problems with Office 365 products.

EventID.Net
From some of the newsgroup postings that we found, this error seems to be related to lack of proper rights or file corruption.
If this error occurs in conjunction with an IIS-based website, see this information from ASPFAQ.COM:
'This error is usually due to permissions problems or, in rare instances, corruption of the metabase. Here are some possible solutions:
- Try removing / re-creating the affected web site(s) / application(s) if your application is running in an isolated process
- Try disabling this feature also try running the application 'out of process'
- Try adding IWAM_MachineName to the web site operators, and giving this account full permissions (using regedt32.exe) to
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptographyMachineKeysMS IIS DCOM Client. Open regedit.exe, navigate to:
HKEY_CURRENT_USERSoftwareMicrosoftCryptographyUserKeys
...and delete the subkey 'MS IIS DCOM Client', then open the MMC console for IIS (which will re-create the subkey)
If all else fails, try reinstalling IIS - this will rebuild your metabase, but will require you to configure your web site(s) from scratch
* * *
This error seems to affect many users of asp pages with CDONTS. Here are some suggestions for them:
From a newsgroup post: After backing up the key (select the registry key and save it), remove HKCUsoftwareMicrosoftcryptographyuserkeysMS_IIS_DCOM_CLIENT.
From a newsgroup post: To fix this, I had to click the properties of the site, go to home dir, click REMOVE in the configuration section and re-created it.
From a newsgroup post: The problem is that access to the IIS Admin Objects is made in the context of the process token. For Out of Process IIS applications that process is token is for the IWAM_machinename account. By default, the IWAM_machinename account is not a web site operator and does not have permissions to certain registry keys required for access to the IIS Admin Objects.
You can get around this problem by adding the IWAM_machinename account to
the web site operators and then you must also give the account full permissions
to the HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptographyMachineKeysMS IIS
DCOM Client registry key. Permissions cannot be set with REGEDIT.EXE. You should use REGEDT32.EXE instead. You may not want to give the IWAM_machinename account these sorts of permissions to your metabase for security reasons. You can accomplish the same results by configuring the MTS package for your Out of Process application to run as a different user than the IWAM_machinename account. You would then need to give this different user the permissions mentioned above.

-->

Applies to

  • Windows 10
  • Windows Server 2016

Subcategory:Audit System Integrity

Event Description:

This event generates when a cryptographic operation (open key, create key, create key, and so on) was performed using a Key Storage Provider (KSP). This event generates only if one of the following KSPs were used:

  • Microsoft Software Key Storage Provider

  • Microsoft Smart Card Key Storage Provider

Note For recommendations, see Security Monitoring Recommendations for this event.

0x80090016

Event XML:

Error Code 0x80090016 Pin Setup

0x80090016 error code on office activation

Required Server Roles: None.

Minimum OS Version: Windows Server 2008, Windows Vista.

Event Versions: 0.

Field Descriptions:

Subject:

  • Security ID [Type = SID]: SID of account that requested specific cryptographic operation. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID cannot be resolved, you will see the source data in the event.

Note A security identifier (SID) is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see Security identifiers.

Windows Error Code 0x80090016

  • Account Name [Type = UnicodeString]: the name of the account that requested specific cryptographic operation.

  • Account Domain [Type = UnicodeString]: subject’s domain or computer name. Formats vary, and include the following:

    • Domain NETBIOS name example: CONTOSO

    • Lowercase full domain name: contoso.local

    • Uppercase full domain name: CONTOSO.LOCAL

    • For some well-known security principals, such as LOCAL SERVICE or ANONYMOUS LOGON, the value of this field is “NT AUTHORITY”.

    • For local user accounts, this field will contain the name of the computer or device that this account belongs to, for example: “Win81”.

  • Logon ID [Type = HexInt64]: hexadecimal value that can help you correlate this event with recent events that might contain the same Logon ID, for example, “4624: An account was successfully logged on.”

Cryptographic Parameters:

  • Provider Name [Type = UnicodeString]: the name of KSP through which the operation was performed. Can have one of the following values:

    • Microsoft Software Key Storage Provider

    • Microsoft Smart Card Key Storage Provider

  • Algorithm Name [Type = UnicodeString]: the name of cryptographic algorithm through which the key was used or accessed. For “Read persisted key from file” operation, this typically has “UNKNOWN” value. Can also have one of the following values:

    • RSA – algorithm created by Ron Rivest, Adi Shamir, and Leonard Adleman.

    • DSA – Digital Signature Algorithm.

    • DH – Diffie-Hellman.

    • ECDH_P521 – Elliptic Curve Diffie-Hellman algorithm with 512-bit key length.

    • ECDH_P384 – Elliptic Curve Diffie-Hellman algorithm with 384-bit key length.

    • ECDH_P256 – Elliptic Curve Diffie-Hellman algorithm with 256-bit key length.

    • ECDSA_P256 – Elliptic Curve Digital Signature Algorithm with 256-bit key length.

    • ECDSA_P384 – Elliptic Curve Digital Signature Algorithm with 384-bit key length.

    • ECDSA_P521 – Elliptic Curve Digital Signature Algorithm with 521-bit key length.

  • Key Name [Type = UnicodeString]: the name of the key (key container) with which operation was performed. For example, to get the list of Key Names for certificates for logged in user you can use “certutil -store -user my” command and check Key Container parameter in the output. Here is an output example:

  • Key Type [Type = UnicodeString]: can have one of the following values:

    • “User key.” – user’s cryptographic key.

    • “Machine key.” – machine’s cryptographic key.

Code 0x80090016

Cryptographic Operation:

  • Operation [Type = UnicodeString]: performed operation. Possible values:

    • Open Key. – open existing cryptographic key.

    • Create Key. – create new cryptographic key.

    • Delete Key. – delete existing cryptographic key.

    • Sign hash. – cryptographic signing operation.

    • Secret agreement.

    • Key Derivation. – key derivation operation.

    • Encrypt. – encryption operation.

    • Decrypt. – decryption operation.

  • Return Code [Type = HexInt32]: has “0x0” value for Success events. For failure events, provides a hexadecimal error code number.

Security Monitoring Recommendations

0x80090016 Error Code

For 5061(S, F): Cryptographic operation.

  • Typically this event is required for detailed monitoring of KSP-related actions with cryptographic keys. If you need to monitor actions related to specific cryptographic keys (“Key Name”) or a specific “Operation”, such as “Delete Key”, create monitoring rules and use this event as an information source.

Microsoft Code 0x80090016

Important For this event, also see Appendix A: Security monitoring recommendations for many audit events.

Comments are closed.