?
Solved

EFS encryption via GPO on XP laptops

Posted on 2013-05-20
1
Medium Priority
?
601 Views
Last Modified: 2013-05-21
Need to encrypt 50 laptops including offline files cache, my documents, outlook and desktop.
Created a GPO which is working and encrypts the offline files cache. Created a login script which does not seem to be working:

cipher /e /s /a "%userprofile%\My Documents"

cipher /e /s /a "%userprofile%\Application Data\Microsoft\Outlook"

cipher /e /s /a "%userprofile%\Desktop"

And I need a password either on the folders (preferable) or at bootup which I can control.
Encryption is basically Greek to me. Need help.
0
Comment
Question by:sandbagger2u
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 2000 total points
ID: 39183311
What are you protecting the data from? If your worried about a LT being stolen and someone getting into these files, then you probably want full disk encryption wich EFS can't do. If your worried about someone gaining access to these files while the system is on you may want to try to get EFS going, but you can get to EFS data using PassWare or AEFSDR from Elcomsoft, both are very capable recovery programs. If the LT is off and is stolen, EFS won't protect you, because an attacker can use AEFSDR or PassWare, but if the disk is fully encrypted then they can't. I'd suggest TrueCrypt, FreeOTFE, PGP and possibly Microsofts Bitlocker, but bitlocker is not available for XP.
This may help with your current attempts:
http://support.microsoft.com/kb/810859
http://technet.microsoft.com/en-us/library/ee449438%28v=ws.10%29.aspx
http://www.truecrypt.org/faq (no backdoor's for TC, but EFS has MANY)
-rich
-rich
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question