Solved

Location of EFS Certificates in an AD environment

Posted on 2010-08-24
2
572 Views
Last Modified: 2012-06-27
Hello

We are thinking of using EFS to encrypt files in our Windows 2003 SP2 domain environment.

According to the link below, EFS user certificates are stored in AD to allow for multi-server use (thanks woolnoir ;) )

http://www.windowsecurity.com/articles/Understanding-EFS-Windows-2003.html

But does anyone know exactly where in AD they are stored?

0
Comment
Question by:bruce_77
  • 2
2 Comments
 
LVL 1

Accepted Solution

by:
jasonlcss earned 500 total points
ID: 33515663
All installed certificates are kept in the certificate authority (CA), if this is not yet installed you can check out the instructions here:  http://www.petri.co.il/install_windows_server_2003_ca.htm

Once this is installed you can also distribute your newly installed certificates to all required users via a GPO to the entire Forrest/Domain or just enforced to a specific OU that contains the effected users
0
 
LVL 1

Expert Comment

by:jasonlcss
ID: 33528895
Did you try this, did it help?
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now