EFS - Sharing Files

  • Thread starter Thread starter TheKnight571
  • Start date Start date
T

TheKnight571

Ok.. I've been working on this for awhile now and haven't found that magical
bit of information I need... whatever it is.

Environment: Windows 2003 Server, XP on the Desktop, users log into a domain.
- Note... I inheirited (sp?) this, so I don't know all the backstory

We have a Public Shared folder that everyone has access to.

Inside that folder is another folder that is encrypted.

Currently, only the person that creates the file can open it.

We need to grant some others access to these files.

What do I need to do, to make this happen?

So far I've:
- Created a Certificate for myself on my PC
- Exported it and then imported it onto the server
- After much effort I was finally able to add my certificate (username) to
the "ACL" via properties, Advanced, Details.

However, I cannot open it.

So, I can't seem to figure out why... did I import the cert wrong? Create
the Cert wrong? Am I off base entirely?

Can someone help. :)

Thanks.
 
TheKnight571 said:
Ok.. I've been working on this for awhile now and haven't found that
magical bit of information I need... whatever it is.

Environment: Windows 2003 Server, XP on the Desktop, users log into
a domain. - Note... I inheirited (sp?) this, so I don't know all the
backstory

We have a Public Shared folder that everyone has access to.

Inside that folder is another folder that is encrypted.

Currently, only the person that creates the file can open it.

We need to grant some others access to these files.

What do I need to do, to make this happen?

So far I've:
- Created a Certificate for myself on my PC
- Exported it and then imported it onto the server
- After much effort I was finally able to add my certificate
(username) to the "ACL" via properties, Advanced, Details.

However, I cannot open it.

So, I can't seem to figure out why... did I import the cert wrong?
Create the Cert wrong? Am I off base entirely?

Can someone help. :)

Thanks.


These may help:-

HOW TO: Share Access to an Encrypted File in Windows XP
http://support.microsoft.com/?id=308991

The Encrypting File System
http://www.microsoft.com/technet/security/topics/cryptographyetc/efs.mspx

Best practices for the Encrypting File System
http://support.microsoft.com/kb/223316/en-us
 
TheKnight571 said:
Ok.. I've been working on this for awhile now and haven't found that magical
bit of information I need... whatever it is.

Environment: Windows 2003 Server, XP on the Desktop, users log into a domain.
- Note... I inheirited (sp?) this, so I don't know all the backstory

We have a Public Shared folder that everyone has access to.

Inside that folder is another folder that is encrypted.

Currently, only the person that creates the file can open it.


Correct.


We need to grant some others access to these files.

Then have the creator decrypt them.


So, I can't seem to figure out why... did I import the cert wrong? Create
the Cert wrong? Am I off base entirely?

Hint: File encryption and file sharing are mutually exclusive; an
oxymoron, really.


--

Bruce Chambers

Help us help you:


http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot
 
Oh ye of little faith. :)

I finally figured it out (after about 10 hours of research and work over two
days), and I'm not sure what made the "eureka moment" pop into my head...but
I'm going with it.

When I created my certificate, I created it by encrypting a local directory
(this was in the instructions left by my predecessor)... this was my error.

I deleted all my certs so I could start over, and :

1. created a certificate by saving a file to the encrypted directory that
the files in question are in.

2. From the server, opened MMC and Cert Snap In, and exported that Cert to a
file

3. I then went to the desk of the document creator and imported that Cert

4. The document's creator was now able to add me to the ACL

5. Return to my desk and enjoy access. :)

A slight PITA... but at least it works now.

- TK
 
Back
Top