Re: EFS and Importing Private Key

From: Ondřej Ševeček (ondrej.sevecek@centrum.cz)
Date: 11/26/02

• Next message: Jack Wang: "RE: remote admin of Exchange 2k from a Win XP desktop."
• Previous message: Ondřej Ševeček: "Re: Passwords"
• In reply to: Massimo Cereda: "EFS and Importing Private Key"
• Next in thread: Massimo Cereda: "Re: EFS and Importing Private Key"
• Reply: Massimo Cereda: "Re: EFS and Importing Private Key"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Ondřej Ševeček" <ondrej.sevecek@centrum.cz>
Date: Tue, 26 Nov 2002 07:59:10 +0100

My experience is as follows:
When EFS creates its own certificate, the certificate is only "copied???" to
the certificate store, but when deleted, EFS still uses its private key for
encryption. So installing the new certificate makes no effect.
When I tried to import certificate for EFS, I had to do it before EFS was
turned on for the first time.

But I would like some explanation for this behaviour and 'am quite
interested in other's suggestions.

Nice day, Ondra.

"Massimo Cereda" <massimo.cereda@cgweb.it> wrote in message
news:OnXHDuIlCHA.2740@tkmsftngp09...
> Hi everyone, I need to use EFS on a machine where more than one profile
must
> access to an encrypted folder. I exported from the profile A his private
key
> and then imported into the other profile (B and C). For user B the
> encryption/decryption process work right but not for profile C.
> When I imported the A's certificate profile C have alredy his own
> certificate, obviously different from A, I deleted this certificate. Now
the
> decryption work perfectl but the encryption use a different certificate
> regard A, maybe the old certificate. The result is that C can open all
file
> but after he open a file A and B can't access the file.
>
> There is some trouble to delete certificate?
>
> Massimo Cereda
>
>

---

• Next message: Jack Wang: "RE: remote admin of Exchange 2k from a Win XP desktop."
• Previous message: Ondřej Ševeček: "Re: Passwords"
• In reply to: Massimo Cereda: "EFS and Importing Private Key"
• Next in thread: Massimo Cereda: "Re: EFS and Importing Private Key"
• Reply: Massimo Cereda: "Re: EFS and Importing Private Key"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: EFS File Share Help ... And your roaming profile cannot work properly. ... If user tries to encrypt a remote file/folder stored ... user, and subsequently requests, or generates a self-signed EFS ... The certificate and private key are loaded in a local profile ... (microsoft.public.windows.server.sbs) Re: What am I doing wrong? ... > after I make the EFS work. ... Then I've exported my encryption certificate to a file on a diskette. ... > certificate into a file on a floppy, and I did select the "Yes, export ... (microsoft.public.windowsxp.security_admin) Re: About EFS and local certificate that I want to export ... You need to get your head around how EFS works. ... EFS is local file encryption. ... the file is transferred to/from the server in the clear. ... you added the incorrect EFS certificate in step 4. ... (microsoft.public.windows.server.security) Re: EFS woes ... I changed my domain password which broke EFS 1. ... not the same thumbprint as on my exported certificate. ... inheriting the encryption status. ... (microsoft.public.windowsxp.security_admin) Re: EFS Recover Agents Unable to decrypt files ... Permissions were checked to make sure that the EFS RA had full ... The EFS RA imported it's EFS RA certificate from storage in a secure ... I tried to decrypt the file after only importing the ... a special recovery key is created with the encryption process. ... (microsoft.public.win2000.file_system)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)