Problems setting up the Recovery Agent



I'm having problems setting up the Recovery Agent (RA) to work in my
domain. I would like to know if I'm missing any steps.
I have a 2003 domain and installed Windows CA on the DC machine.

I created a domain user which I will use primarily as a RA. I logged
into the CA machine as the RA and exported its certificate.
I relogged back into the machine as the domain admin and imported the
certificate so that it is a part of the Recovery Policy of the domain.
I imported the cert by going to the Group Policy Editor/Computer
Configuration/Windows Settings/Security Settings/Public Key
Policies/Encrypting File System. In the Add RA wizard, on the 2nd screen
where I select the user profile, after finding the certificate file, it
displays User: USER_UNKNOWN. I don't know whether this indicates that
something is wrong already.

After completing this process, I see in the Group Policy Editor, under
Encrypting File System, that my newly added RA is displayed.

Next, I try to test if this RA works by going on a workstation and
logging in as a normal domain user and encrypting a dummy text file. I
relog on as the RA, and import the cert of the RA into this machine and
then try to open up the dummy file. But it failed. I then try to import
the private key file of the RA and then open the file and it still
fails. Both times it displays an "Access is Denied" message.

I would like to know what I'm doing wrong.

Thanks a lot for any help
