EFS/PKI Implementation help

I am in the process of implementing EFS on our domain using PKI for file level encryption.  I am trying to find step-by-step tutorials to help with the process (screenshots would be nice) and any type of bullet point checklist of things I will need to do to complete the project.  I have looked and looked but I just keep finding broad overviews of EFS and PKI.  Any help to get the information and get me started would be appreciated.  This is extremely important so I am awarding 500 points.  

FYI - It will be implemented on a windows 2003 server if that helps any.  Ask me questions if you need more information.
tw_chaseAsked:
Who is Participating?
 
Rich RumbleSecurity SamuraiCommented:
A few things to keep in mind with EFS...
EFS creates a plain-text copy of encrypted files/folders within the folder that data resides, it's recommended that data to be encrypted be placed in an already encrypted folder to avoid possible plain-text recovery.
You must backup your domain admin recovery agents and administrator keys. These will make it possible for you to recover data if a user's account is deleted or incase of HD failure etc...

http://support.microsoft.com/?kbid=241201
http://support.microsoft.com/kb/223316/en-us
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/efs.mspx  (screen shots and all ;)
http://www.microsoft.com/technet/security/smallbusiness/topics/cryptographyetc/protect_data_efs.mspx
-rich
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.