Solved

EFS on Windows 2003 domain with a 2008 File Server

Posted on 2013-06-07
1
598 Views
Last Modified: 2013-06-10
I would like to know if it is possible to set up EFS on several shares for a Windows 2008 server, while the domain level is on Windows 2003 Server. I have tried to set it up unsuccessfully for the past couple of days, nut I have not been able to find any supporting info regarding the different versions and implementing EFS. We have several Workstations on Windows 7 and XP.

Regards,
0
Comment
Question by:Synetek
1 Comment
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
It should be possible.

 You can use EFS to encrypt and decrypt files and folders that are located on NTFS volumes on a remote server if the server is trusted for delegation in Active Directory. To remotely encrypt and decrypt files and folders, your certificate and private key must be stored on the server. The server uses Kerberos delegation to access this information.

E.g.  When files are stored on file shares, all EFS operations occur on the computer on which the files are stored. For example, if a user connects to a network file share and chooses to open a file that he or she previously encrypted, the file is decrypted on the computer on which the file is stored and then transmitted in plaintext over the network to the user’s computer.

Note the "plaintext" over the network. Hence not end to end for remote shares

I am suggesting below to see if helpful on the criteria for Remote EFS file share :
http://technet.microsoft.com/library/bb457116.aspx#EHAA

this is an lengthy forum which seems to be likely what commonly faced in remote shares
http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/ab0a7538-cede-477f-9b9b-bfccf2ee27fb


Likewise there is EFS troubleshooting (on error msg) if necessary
http://technet.microsoft.com/en-us/library/bb457116.aspx#EBAA
http://technet.microsoft.com/en-us/library/cc700811.aspx#XSLTsection132121120120
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now