New efs recovery agent for XP on a W2K domain

  • Thread starter Thread starter Kona
  • Start date Start date
K

Kona

Hello,
How can I create a new default Recovery Agent for XP stations in a W2K domain ?
I do not would like to use a CA for that.
The new Recovery Agent have to be a account of the W2K domain

Thank you
 
The easiest way is to use "cipher /r" on one of the XP machines*, put the
..cer file into the recovery policy, put the .pfx somewhere safe (on
removable media in a safe, for instance), and delete the .cer and .pfx files
from the XP machine.



* I'm pretty sure we didn't have "cipher /r" in Win2k when we originally
released, but it may have been backported in a service pack. If it's on
your Win2k machine, please ignore everything I said about XP.
 
Hi,
As I'm newbie in EFS could you just tell me more on how to put my .cer
file into the recovery policy ?
Which mmc have I to use ?
(I created the .cer and .pfx)

Regards

Drew Cooper said:
The easiest way is to use "cipher /r" on one of the XP machines*, put the
.cer file into the recovery policy, put the .pfx somewhere safe (on
removable media in a safe, for instance), and delete the .cer and .pfx files
from the XP machine.



* I'm pretty sure we didn't have "cipher /r" in Win2k when we originally
released, but it may have been backported in a service pack. If it's on
your Win2k machine, please ignore everything I said about XP.
--
Drew Cooper [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.


Kona said:
Hello,
How can I create a new default Recovery Agent for XP stations in a W2K domain ?
I do not would like to use a CA for that.
The new Recovery Agent have to be a account of the W2K domain

Thank you
Click to expand...
Click to expand...
 
Back
Top