?
Solved

EFS/PKI Implementation help

Posted on 2006-06-14
1
Medium Priority
?
728 Views
Last Modified: 2013-12-04
I am in the process of implementing EFS on our domain using PKI for file level encryption.  I am trying to find step-by-step tutorials to help with the process (screenshots would be nice) and any type of bullet point checklist of things I will need to do to complete the project.  I have looked and looked but I just keep finding broad overviews of EFS and PKI.  Any help to get the information and get me started would be appreciated.  This is extremely important so I am awarding 500 points.  

FYI - It will be implemented on a windows 2003 server if that helps any.  Ask me questions if you need more information.
0
Comment
Question by:tw_chase
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 2000 total points
ID: 16906155
A few things to keep in mind with EFS...
EFS creates a plain-text copy of encrypted files/folders within the folder that data resides, it's recommended that data to be encrypted be placed in an already encrypted folder to avoid possible plain-text recovery.
You must backup your domain admin recovery agents and administrator keys. These will make it possible for you to recover data if a user's account is deleted or incase of HD failure etc...

http://support.microsoft.com/?kbid=241201
http://support.microsoft.com/kb/223316/en-us
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/efs.mspx  (screen shots and all ;)
http://www.microsoft.com/technet/security/smallbusiness/topics/cryptographyetc/protect_data_efs.mspx
-rich
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month12 days, 5 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question