Here’s a new Knowledge Base article we published. This one describes an issue where a PXE enabled Distribution Point will generate a large number of files under C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 for each PXE request that it services on the network.
A PXE enabled Distribution Point will generate a number of files under C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 for each PXE request that it services on the network. This occurs whether the device sending the PXE request has a Task Sequence deployed to it or not. The generation of files will continue and may consume available hard disk space.
This occurs whenever a self-signed certificate is used for the Distribution Point (DP).
To work around this problem, request a CA issued certificate for the PXE enabled DP and specify the PFX file under the properties of the DP. Step-by-step instructions on how to do create the PFX file are available in the Deploying the Client Certificate for Distribution Points section of http://technet.microsoft.com/en-ca/library/230dfec0-bddb-4429-a5db-30020e881f1e#BKMK_clientdistributionpoint2008_cm2012.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For the most current version of this article please see the following:
2713467 - A PXE enabled Distribution Point that uses a self-signed certificate will generate many files in System Center 2012 Configuration Manager
J.C. Hornbeck | System Center & Security Knowledge Engineer
Get the latest System Center news on Facebook and Twitter:
App-V Team blog: http://blogs.technet.com/appv/ ConfigMgr Support Team blog: http://blogs.technet.com/configurationmgr/ DPM Team blog: http://blogs.technet.com/dpm/ MED-V Team blog: http://blogs.technet.com/medv/ Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/ Operations Manager Team blog: http://blogs.technet.com/momteam/ SCVMM Team blog: http://blogs.technet.com/scvmm Server App-V Team blog: http://blogs.technet.com/b/serverappv Service Manager Team blog: http://blogs.technet.com/b/servicemanager System Center Essentials Team blog: http://blogs.technet.com/b/systemcenteressentials WSUS Support Team blog: http://blogs.technet.com/sus/
The Forefront Server Protection blog: http://blogs.technet.com/b/fss/ The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/ The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/ The Forefront TMG blog: http://blogs.technet.com/b/isablog/ The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Can we delete these files? what are they for?