EFS in the two domain controller environment

From: Mandy (mmmandy@hotmail.com)
Date: 08/31/02


From: "Mandy" <mmmandy@hotmail.com>
Date: Sat, 31 Aug 2002 09:28:26 +0800


Sorry for reposting this problem again. I would like to know whether
Microsoft supports remote encryption on a Domain Controller in an
environment with at least 2 Domain Controllers and 1 Professional PC.

Here is the problem. The testing environment has a clean installation of
Windows

Environment:
Two Windows 2000 Servers with SP2 (promoted as Domain Controllers) and one
Windows 2000 Professional PC with SP3. They have been promoted into the
same domain.

Problem:
There is no doubt that all the machines (either Server or Professional) are
able to encrypt locally, which means that a domain user who logs on to the
machines is able to encrypt local machine files.

However, when a user on the client PC encrypts a **file on one of the
domain controllers,** the file is in a domain controller shared file. The
shared file is located on the C drive of the DC.
1. The server becomes unresponsive/hangs.
2. The computer shows that a wrong password was entered when the server is
at the lock page waiting for a password to unlock the computer.
3. The PC's encryption properties box is unresponsive until you force the
box to close.
4. After 15 mins, that domain controller becomes normal again. In the event
log of that server, the same error message is shown three times
    Under application log,
    User: NT Authority\System
    Source: Userenv
    Event ID: 1000
    Msg: Windows cannot obtain the domain controller name for your computer
    network, Return Value (2146)

Note: By default, the Domain Controllers should be "trusted for delegation".
According to the Microsoft White Paper on EFS, no further action needs to
be taken for remote encryption.

Questions:
1. Does EFS support file encryption remotely?
2. Does EFS support file encryption on Domain Controller?
3. When there is one domain controller in the domain (instead of two domain
controllers), the user is able to encrypt the DC's shared file, with only a
few minutes' wait or a slow encryption process the first time. It seems
that Microsoft EFS supports encryption remotely, but how come there is
always a wait the first time you encrypt remotely?
4. In addition, when there are 2 domain controllers (or 2 servers) in the
domain, the problem is more obvious, such that the domain controller always
hangs the first time the computer encrypts. The problem occurs again when
the client PC is restarted. Does Microsoft support file encryption in an
environment with more than one Domain Controller or more than one server?


