?
Solved

Location of EFS Certificates in an AD environment

Posted on 2010-08-24
2
Medium Priority
?
579 Views
Last Modified: 2012-06-27
Hello

We are thinking of using EFS to encrypt files in our Windows 2003 SP2 domain environment.

According to the link below, EFS user certificates are stored in AD to allow for multi-server use (thanks woolnoir ;) )

http://www.windowsecurity.com/articles/Understanding-EFS-Windows-2003.html

But does anyone know exactly where in AD they are stored?

0
Comment
Question by:bruce_77
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 1

Accepted Solution

by:
jasonlcss earned 2000 total points
ID: 33515663
All installed certificates are kept in the certificate authority (CA), if this is not yet installed you can check out the instructions here:  http://www.petri.co.il/install_windows_server_2003_ca.htm

Once this is installed you can also distribute your newly installed certificates to all required users via a GPO to the entire Forrest/Domain or just enforced to a specific OU that contains the effected users
0
 
LVL 1

Expert Comment

by:jasonlcss
ID: 33528895
Did you try this, did it help?
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question