EFS Trouble - External Drive

[Jerry Baker]

I have two machines, A and B, which I share files between using a USB
hard drive. They are both Windows XP SP2 and I am an administrator on
both machines (although I am not a domain admin on machine B). I
exported my EFS certificate AND private key from machine A and
successfully imported it onto machine B. I can see the certificate AND
private key of machine A in machine B's certificate store.

Now, when I encrypt files on the USB drive using machine A, machine B
cannot read them. They appear as though they are not encrypted (they
aren't green) and cipher.exe doesn't place an E next to them. When I try
to access them I just get "Access is denied" errors.

I tried taking ownership of the files, and that didn't change the
situation at all. I tried forcing the files to decrypt without success.
I am completely unable to use machine B to access files encrypted by
machine A.

I have spent more than three hours reading every technet article
regarding EFS as well as other people's problems posted on various
boards and in this group. I still have not seen a simple explanation of
how you can use EFS on files that will be accessed by other computers.
Everything just says to import your certificate with private key and
doesn't mention what to do after that.

Thanks for any help you can offer.

 

[Mark]

I have two machines, A and B, which I share files between using a USB
hard drive. They are both Windows XP SP2 and I am an administrator on
both machines (although I am not a domain admin on machine B). I
exported my EFS certificate AND private key from machine A and
successfully imported it onto machine B. I can see the certificate AND
private key of machine A in machine B's certificate store.

Now, when I encrypt files on the USB drive using machine A, machine B
cannot read them. They appear as though they are not encrypted (they
aren't green) and cipher.exe doesn't place an E next to them. When I try
to access them I just get "Access is denied" errors.

I tried taking ownership of the files, and that didn't change the
situation at all. I tried forcing the files to decrypt without success.
I am completely unable to use machine B to access files encrypted by
machine A.

I have spent more than three hours reading every technet article
regarding EFS as well as other people's problems posted on various
boards and in this group. I still have not seen a simple explanation of
how you can use EFS on files that will be accessed by other computers.
Everything just says to import your certificate with private key and
doesn't mention what to do after that.

Thanks for any help you can offer.

 

[Allan]

I have two machines, A and B, which I share files between using a USB hard
drive. They are both Windows XP SP2 and I am an administrator on both
machines (although I am not a domain admin on machine B). I exported my EFS
certificate AND private key from machine A and successfully imported it
onto machine B. I can see the certificate AND private key of machine A in
machine B's certificate store.

Now, when I encrypt files on the USB drive using machine A, machine B
cannot read them. They appear as though they are not encrypted (they
aren't green) and cipher.exe doesn't place an E next to them. When I try
to access them I just get "Access is denied" errors.

I tried taking ownership of the files, and that didn't change the
situation at all. I tried forcing the files to decrypt without success. I
am completely unable to use machine B to access files encrypted by machine
A.

I have spent more than three hours reading every technet article regarding
EFS as well as other people's problems posted on various boards and in
this group. I still have not seen a simple explanation of how you can use
EFS on files that will be accessed by other computers. Everything just
says to import your certificate with private key and doesn't mention what
to do after that.

Thanks for any help you can offer.

I think the access depends on the user account. Have you tried creating a
new user account on the second ("b") drive with the same name as the one you
encrypted the files with on machine "a"?