Re: EFS

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 06/08/05


Date: Wed, 8 Jun 2005 00:14:19 -0500

You can not export the private key for the user they must do that
themselves. While the user is logged on have them use the mmc snapin for
certificates for "user" and go to their personal/certificates folder. When
they find their certificate for Encrypted File System [or possibly user
certificate] have them right click the certificate, select all tasks and
export. The certificate used for EFS should have the ability to export their
private key [assuming the private key is present] unless at one time the
user exported and deleted it and then when importing it back into their
computer did not select the option to allow the private key to be exported.
The link below may be of help and see the section for how to backup your
certificate though it shows how to do such via Internet Explorer as another
possible way to do it.--- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316

"Roland Hbner" <Roland Hbner@discussions.microsoft.com> wrote in message
news:09A6E48F-FE98-4392-8DD1-524ACBEA3FFC@microsoft.com...
> Hallo,
> I have a Windows 2000 Server with Active Directory and 10 Clients. Now, I
> want to Data encryption on the Server. I have installed on a Windwos 2000
> Server a CA. A User from a Workstation can encryption a File, this is ok.
> The
> User allocate gets the Certificate.
> Therewith, the System very safely the User want to safe the private key
> on
> a Disk.
> But, I cannot export the private key. This function cannot selected.
> What can I do, at the Private key to export?