EFS with files on network share

From: Gordon (gdccyuen_at_alumni.cuhk.net)
Date: 02/25/04


Date: Wed, 25 Feb 2004 10:47:37 +0800

Anyone doing file encryption on network share?

I tested using 2 accounts: X and Y, and did have some success. However
there are a lot of thing I can't understand:

1. X and Y both have multiple EFS certificates (result of using
Auto-enrollment from AD integrated CA?), should X choose the most recent
one or what?

2. If X want to encrypt the file using another certificate from Y, the
server refuse and continue to use the previous picked one. Some cache on
server need to be cleaned?

3. All of a sudden, X could not add any certificate with an error
'Revocation Server is offline'. I try to capture the network traffic but
found no traffic at all which seems to check anything about certificate
revocation, any idea?

Gordon



Relevant Pages

  • RE: SSL for Exchange stops WSUS
    ... detect your current network configuration settings or you never run CEICW ... configuring ISA Server 2000 as a gateway server, firewall, and web caching ... This newsgroup only focuses on SBS technical issues. ... How you added a certificate to the default web site? ...
    (microsoft.public.windows.server.sbs)
  • Re: Huge problem; new to this job
    ... our entire network went down. ... We have 2 offices and 1 server. ... over IPSec require the installation of a machine certificate, ... connection to provide connectivity between the two offices (across the ...
    (microsoft.public.windows.server.networking)
  • RE: Two domains question
    ... internal network resources in your home network. ... On the SBS 2003 Server open the Server Management console. ... Click the "Connect to the Internet" link. ... On the "Web Server Certificate" page, choose to create a new Web server ...
    (microsoft.public.windows.server.sbs)
  • Re: Isolation of the Root CA
    ... Best Practices for implementing Windows Server 2003 PKI: ... If you run a network that is going to have a three tier hierarchy of>Certificate Authorities with maybe six or eight issuing CA's for various>tasks that are going to issue thousands of certificates then it makes sense>to secure the CA's that only issue certificates to other CA's to minimize>the damage that can be done to the PKI. ... You would have to start with a> standalone root CA and use it to issue a certificate for an Enterprise CA ...
    (microsoft.public.win2000.security)
  • Re: Cannot connect to domain controller via Terminal Services
    ... the X509 certificate or the X509 Certificate ID. ... MCSE, CCEA, Microsoft MVP - Terminal Server ... I can connect to all other servers in our network. ... Remote Connections may not be enabled on the server-they ...
    (microsoft.public.windows.terminal_services)