|
Posted by Steve Riley [MSFT] on July 23, 2007, 9:52 pm
Please log in for more thread options Cool! And thanks for picking up the book :)
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
> Exactly what I was looking for. I am setting this up before deploying EFS
> (read your book, Steve! Protect Your Windows Network).
>
> Thanks for the very enlightening post!
>
>> Have these files already been encrypted by EFS? If so, then setting up a
>> CA after-the-fact won't give you the ability recover those files. They'd
>> have to be decrypted then re-encrypted after you get the CA set up and
>> all clients switched over to using the EFS certificates it issues.
>>
>> Or, if you're looking to deploy EFS the right way before users begin
>> encrypting anything, allow me to point you to the recently-released Data
>> Encryption Toolkit for Mobile PCs. The guidance and tool here will make
>> EFS much easier for you.
>>
>>
http://www.microsoft.com/technet/security/guidance/clientsecurity/dataencryption/default.mspx
>>
>> Steve Riley
>> steve.riley@microsoft.com
>> http://blogs.technet.com/steriley
>>
>>
>>
>>> Sigh! When trying to discover a Step-by-Step (even in the so called
>>> Step-by-Step section of Technet) method of setting up a simple
>>> (oxymoron?) configuration of a CA and self-signed certificate for the
>>> sole purpose of being able to recover EFS encrypted files and folders, I
>>> struck out.
>>>
>>> Can anyone point me to some material on how to set this up? Our
>>> environment is Windows 2003 servers (will make DC a CA for this purpose)
>>> and all machines with EFS will belong to the domain where the CA exists.
>>>
>
>
| 
XML Sitemap