Re: Encrypting the Offline Files cache
From: Helmuth Snoeijen (HelmuthSnoeijen_at_discussions.microsoft.com)
Date: 12/28/04
- Next message: Ainsley: "Re: INABILITY TO MOVE BEYOND WELCOME PAGE"
- Previous message: engineer69: "Re: pop ups when i start Internet explorer"
- In reply to: Tim Springston [MSFT]: "Re: Encrypting the Offline Files cache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Dec 2004 05:45:10 -0800
Hello Tim,
Thanks for your reply. But I'm still puzzled.
When the Offline Files cache is encrypted there should be at least a self
signed user certitficate (for EFS) in the local certificate store on the
client, or not?
In my case there was no certificate. Can I therefore make the conclusion
that nothing is encrypted on the client (including the Offline Files cache)?
Thanks,
Helmuth
"Tim Springston [MSFT]" wrote:
> The user interface in the on the client is the best way to check. The UI
> has logic to decide whether the "encrypt" option is available (unencrypted)
> or not an option (unsupported client or already encrypted on a supported
> client configuration).
>
> Encryption of the cached items for client side caching is done within the
> cached items database, so it will not display as encrypted as other file
> system objects would (like an encrypted Word doc) even if it is encrypted.
>
> If you have a need to prove that the items are encrypted for a security
> audit, please contact Microsoft Product Support Services and we can help.
> You should not be charged for this incident if that is all you need.
>
> Please repost if you have any additional questions or concerns.
> --
>
> Tim Springston
> Microsoft Corporation
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
> "Helmuth Snoeijen" <HelmuthSnoeijen@discussions.microsoft.com> wrote in
> message news:F41BE611-7C0F-4EC3-A789-422BB93DEF93@microsoft.com...
> > I've the following situation:
> > - Active Directory W2K3, using OU's and GPO's for controlling settings on
> > the clients
> > - Windows XP SP2 clients (laptops)
> > - "My Documents' is redirected to the users' homeshare and made offline
> > available
> > - The Offline Files cache encryption is enabled using a GPO setting
> > - EFS is enabled for users using default Domain GPO
> > - The domain administrator is the default data recovery agent
> >
> > Question:
> > How can I check if the CSC (cache) directory is encrypted (automatically)
> > on
> > the client?
> >
> > Additional info:
> > - I've used the EFSINFO resource kit tool to check if the CSC is
> > encrypted.
> > It says "not encrypted".
> > - When I display the attributes belonging to the CSC directory, there is
> > no
> > "E" attribute for encrypted.
> > - There is no user certificate on the client, which I think should be
> > present.
> >
> > What is going wrong here.
> >
> > Thanx in advance..
> >
> >
>
>
>
- Next message: Ainsley: "Re: INABILITY TO MOVE BEYOND WELCOME PAGE"
- Previous message: engineer69: "Re: pop ups when i start Internet explorer"
- In reply to: Tim Springston [MSFT]: "Re: Encrypting the Offline Files cache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
