Solved

Location of EFS Certificates in an AD environment

Posted on 2010-08-24
2
573 Views
Last Modified: 2012-06-27
Hello

We are thinking of using EFS to encrypt files in our Windows 2003 SP2 domain environment.

According to the link below, EFS user certificates are stored in AD to allow for multi-server use (thanks woolnoir ;) )

http://www.windowsecurity.com/articles/Understanding-EFS-Windows-2003.html

But does anyone know exactly where in AD they are stored?

0
Comment
Question by:bruce_77
  • 2
2 Comments
 
LVL 1

Accepted Solution

by:
jasonlcss earned 500 total points
ID: 33515663
All installed certificates are kept in the certificate authority (CA), if this is not yet installed you can check out the instructions here:  http://www.petri.co.il/install_windows_server_2003_ca.htm

Once this is installed you can also distribute your newly installed certificates to all required users via a GPO to the entire Forrest/Domain or just enforced to a specific OU that contains the effected users
0
 
LVL 1

Expert Comment

by:jasonlcss
ID: 33528895
Did you try this, did it help?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now