Re: Certificate not shown with efsinfo /y
From: Bert Roos (reply_at_to.group)
Date: Thu, 8 Apr 2004 09:27:23 +0200
Thanks Drew, that indeed makes efsinfo/y show the certificate. But to be
honest, that was not my real problem. I was hoping that I could access
encrypted files on a remote computer once the certificate was shown by
So the real problem is that I have encrypted files on computer A. I've
exported the certificate on A and imported it on computer B. Now I expected
to be able to remotely read the encrypted files on computer A. To accomplish
that, I use a single domain account and both computers are part of that same
When I type efsinfo /y /c on computer B, I see that the thumb print of the
users who can access the encrypted remote files, is identical to the current
user EFS certificate, but when I try to read such a file, I get 'access
Hope you know the fix for this one too!
"Drew Cooper [MSFT]" <firstname.lastname@example.org> wrote in message
> "efsinfo /y" shows the user's current EFS cert hash. It's considered
> "current" once it's been used to encrypt something on the machine. I
> recall whether enrollment also sets the reg value that makes this
> Autoenrollment updating the cert should update the "current" cert, though.
> Oh - and the pfx wizard doesn't set the reg value.
> Quick and dirty way to make sure "efsinfo /y" shows the thumbnail even
> an import w/ the pfx wizard: create a small temporary file, encrypt it
> (which sets the reg value), then delete the file.
> Drew Cooper [MSFT]
> This posting is provided "AS IS" with no warranties, and confers no
> "Bert Roos" <email@example.com> wrote in message
> > Hi,
> > I've an EFS certificate that shows up in the certificates MMC snapin
> > not shown with efsinfo /y.
> > This certificate was first requested from the CA on computer A, by user
> > User U exported this certificate (with the private key) and imported it
> > computer B (both computers A and B as well as user U are part of the
> > ADS domain). When typing efsinfo /y on computer A, the certificate is
> > but not on computer B.
> > Any help on how to resolve this, whould be greatly apprecieated.
> > Thanks, Bert Roos
> > (please reply to group).