EFS without the bells and whistles

From: voicerain253@xxxxxxxxx
Date: 16 Apr 2006 11:36:09 -0700

I have spent weeks trying to find information about how to do this.
Can someone please give some advice? I would much appreciate it

We just want to have all our data encrypted with EFS.

Currently there is a full windows 2003 domain in place with three
controllers (one is a CA but it is only configured for 3rd party RRAS
usb tokens). 3TB of data spread across several domain file servers that
we want encrypted. 200 domain users.

All we want to do is "enable encryption" for all the data we have on
these domain servers.

So basically:
All domain users can decrypt any file transparently that they have
NTFS permission to read (at least)

So if Monday we are unencrypted and users are accessing file server
share data happily, and then on Monday night we start the encryption
process, On Tuesday, users should come in and just continue working
none the wiser that all the data they are accessing is encrypted.

I am not talking about a users personal data, or laptops...thats out of
scope for this. These fileservers contain dozens of shares that provide
data to dozens of different users. We spent years getting all these
NTFS groups in place so that permission is correct.

We don't want to introduce any further level of access control than
there already is with
NTFS permissions. Currently there are over 400 groups in place and,
believe me, everything is locked down...all we want to do is add
encryption.

All we care about is if some person was to steal one of these servers
(physically) that they couldnt just read the data, by attaching a drive
to another computer as a d drive.
They would need to at least have the username and password of a domain
account to access the data.

Does this make sense?

.

Follow-Ups:
- Re: EFS without the bells and whistles
  - From: Paul Adare

Prev by Date: Re: Windows Remote Desktop
Next by Date: Re: EFS without the bells and whistles
Previous by thread: Re: Windows Remote Desktop
Next by thread: Re: EFS without the bells and whistles
Index(es):
- Date
- Thread

Relevant Pages

Re: ** Encryption problem **
... >files on my other partition were encrypted with the windows encryption ... I cannot take out the encryption either, neither move them in a FAT32 ... >partition(where I though it might take out all NTFS permission), ... The average home user has no need to ...
(microsoft.public.windowsxp.general)
Re: Encryption
... I am looking for a very strong AIS or better symetrical encryption in ... python. ... I have spent a lot of time ... Anyone have any experience of a true encryption ...
(comp.lang.python)
Encryption
... I am looking for a very strong AIS or better symetrical encryption in ... python. ... I have spent a lot of time ... Anyone have any experience of a true encryption ...
(comp.lang.python)