Just a note:
Specific to EFS built in to the OS:
You dont have to have AD integrated CA's to do this, but the Server hosting
the file share must be trusted for delegation.
There are a number of 'gotchas' in this scenario and it is difficult to
track all the crypto keys involved.
If you plan on doing this - I can provide some difficult scenarios you may
have to deal with.
steve
----- Original Message -----
From: "Brian Desmond" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, January 24, 2006 9:46 AM
Subject: RE: [ActiveDir] OT: Encrypting shared folders
You can do EFS on the network if you have AD integrated CAs (or maybe
standalone too). Never done it though. The folders show up green in
explorer.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
________________________________
From: [EMAIL PROTECTED] on behalf of Susan Bradley, CPA aka
Ebitz - SBS Rocks [MVP]
Sent: Tue 1/24/2006 12:11 PM
To: [email protected]
Subject: [ActiveDir] OT: Encrypting shared folders
Since there's more big server land people, can you indulge this question?
What do you do for encrypting files up on a share?
On standalone devices I use EFS or PGP.com but I've yet to deploy a
"ADaware" network solution.
Susan
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
