Solved

EFS/PKI Implementation help

Posted on 2006-06-14
1
720 Views
Last Modified: 2013-12-04
I am in the process of implementing EFS on our domain using PKI for file level encryption.  I am trying to find step-by-step tutorials to help with the process (screenshots would be nice) and any type of bullet point checklist of things I will need to do to complete the project.  I have looked and looked but I just keep finding broad overviews of EFS and PKI.  Any help to get the information and get me started would be appreciated.  This is extremely important so I am awarding 500 points.  

FYI - It will be implemented on a windows 2003 server if that helps any.  Ask me questions if you need more information.
0
Comment
Question by:tw_chase
1 Comment
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 16906155
A few things to keep in mind with EFS...
EFS creates a plain-text copy of encrypted files/folders within the folder that data resides, it's recommended that data to be encrypted be placed in an already encrypted folder to avoid possible plain-text recovery.
You must backup your domain admin recovery agents and administrator keys. These will make it possible for you to recover data if a user's account is deleted or incase of HD failure etc...

http://support.microsoft.com/?kbid=241201
http://support.microsoft.com/kb/223316/en-us
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/efs.mspx  (screen shots and all ;)
http://www.microsoft.com/technet/security/smallbusiness/topics/cryptographyetc/protect_data_efs.mspx
-rich
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now