New Post: Is registry access required?

From Remote Workstation:

> $error[0].exception.innerexception.stacktrace
   at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable)
   at PKI.Utils.CryptoRegistry.GetRReg(String entry, String caName, String computerName, String node)
   at PKI.CertificateServices.CertificateAuthority.get_config(String computerName, String configString)
   at PKI.CertificateServices.CertificateAuthority.initializeFromServerName(String computerName)
   at PKI.CertificateServices.CertificateAuthority..ctor(String computerName)

I thought I'd try this locally on the CA (running PSv2), I'm getting these errors: (note: same response with shortname)

> connect-certificationauthority -ComputerName FQDN.ca.example.com 
New-Object : Exception calling ".ctor" with "1" argument(s): "There is no such object on the server.
"
At C:\Users\skp\Documents\WindowsPowerShell\Modules\pspki\Server\Connect-CertificationAuthority.ps1:13 char:14
+             New-Object <<<<  PKI.CertificateServices.CertificateAuthority $CName
    + CategoryInfo          : InvalidOperation: (:) [New-Object], MethodInvocationException
    + FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand

> $error[0].exception.innerexception.stacktrace
   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_AdsObject()
   at System.DirectoryServices.PropertyValueCollection.PopulateList()
   at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
   at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
   at PKI.CertificateServices.CertificateAuthority.get_ds()
   at PKI.CertificateServices.CertificateAuthority..ctor(String computerName)

> connect-certificationauthority -ComputerName localhost
New-Object : Exception calling ".ctor" with "1" argument(s): "Requested registry access is not allowed."
At C:\Users\skp\Documents\WindowsPowerShell\Modules\pspki\Server\Connect-CertificationAuthority.ps1:13 char:14
+             New-Object <<<<  PKI.CertificateServices.CertificateAuthority $CName
    + CategoryInfo          : InvalidOperation: (:) [New-Object], MethodInvocationException
    + FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand

> $error[0].exception.innerexception.stacktrace
   at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable)
   at PKI.Utils.CryptoRegistry.GetRReg(String entry, String caName, String computerName, String node)
   at PKI.CertificateServices.CertificateAuthority.get_config(String computerName, String configString)
   at PKI.CertificateServices.CertificateAuthority..ctor(String computerName)

I'm not a local admin on the CA server, but I do have Administrator privileges on the CA. Do you know what key is being accessed in the registry? I will try to dig into permissions on the CA and see what I can find.