Removing the Encrypting File System Keys

One of the new features included with Windows 2000 and NTFS v5 is the Encrypting File System (EFS). EFS stores files in an encrypted format so that their contents can be viewed only by the user who encrypted them. It encrypts files stored on a hard drive using encryption keys.

To increase the security of EFS, the encryption keys can be removed from the local computer and stored elsewhere, such as in a network location or on another type of media.

To remove the Encrypting File System keys from the local machine, follow these steps:

  1. Open the Run command and type mmc.

  2. Add the Certificates snap-in.

  3. Expand Certificates, Personal, and click Certificates.

  4. As long as a file has been encrypted previously, a certificate should be listed with the Intended Purpose designated as Encrypting File System, as shown in Figure 9.16.

    Figure 9.16. Viewing the Encrypting File System Certificate.

  5. Right-click the certificate, point to All Tasks, and select Export. This launches the Certificate Export Wizard. Click Next.

  6. Select the option to export the private key with the certificate. Click Next.

  7. Select the file format in which you want the certificate to be exported. Click Next.

  8. Type a password used to protect the private key. Click Next.

  9. Specify the name of the file to export. Click Next.

  10. Click Finish.

Once complete, the certificate and its private key are stored in the file you specified. Remove the file from the local computer and store it in a secure network location or on another type of media, such as a floppy.
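The export procedure above can also be scripted. The following PowerShell is an added example, not code from the book, that performs the same steps: it finds the current user's EFS certificate in the Personal store by its Enhanced Key Usage, exports it with the private key to a password-protected PFX file, and reads the file back to confirm the export matches the source certificate. It assumes the PKI module's Export-PfxCertificate cmdlet (Windows 8 / Server 2012 or later; Windows 2000 itself has no PowerShell), and the output directory is a placeholder.

```powershell
# Added example: scripted equivalent of the Certificate Export Wizard steps.
# Assumes Export-PfxCertificate (PKI module); <EXPORT_DIR> is a placeholder.

# EFS certificates carry the Enhanced Key Usage OID 1.3.6.1.4.1.311.10.3.4,
# which the Certificates snap-in shows as Intended Purpose "Encrypting File System".
$efsOid = '1.3.6.1.4.1.311.10.3.4'

# Steps 3 and 4: look in the current user's Personal store for an EFS certificate
# whose private key is still present on this machine.
$efsCerts = Get-ChildItem -Path Cert:\CurrentUser\My |
    Where-Object {
        $_.HasPrivateKey -and
        ($_.EnhancedKeyUsageList | Where-Object { $_.ObjectId -eq $efsOid })
    }

if (-not $efsCerts) {
    Write-Warning 'No EFS certificate with a private key was found; nothing to export.'
    return
}

# Step 8: password that protects the private key inside the PFX.
# Read-Host -AsSecureString keeps it out of the console history.
$pfxPassword = Read-Host -Prompt 'PFX password' -AsSecureString

foreach ($cert in $efsCerts) {
    # Step 9: output file name. Point <EXPORT_DIR> at removable media or a
    # protected network share, as the text recommends.
    $pfxPath = Join-Path -Path '<EXPORT_DIR>' -ChildPath ("efs-{0}.pfx" -f $cert.Thumbprint)

    # Steps 6 and 7: PFX (PKCS #12) format with the private key included.
    Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pfxPassword | Out-Null

    # Check: load the exported file with the password and compare thumbprints,
    # so a bad export is caught before the key is removed from the machine.
    $exported = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($pfxPath, $pfxPassword)
    if ($exported.Thumbprint -ne $cert.Thumbprint) {
        throw "Exported PFX at $pfxPath does not match the source certificate."
    }

    Write-Output "Exported EFS certificate $($cert.Thumbprint) to $pfxPath"
}
```

Run it as the user who encrypted the files, since EFS keys live in that user's Personal store. Because the PFX contains the private key, treat it with the same care as the text describes for the wizard's output: move it off the local disk once the read-back check passes.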

An administrator can also prevent users from encrypting files. You do this by modifying the appropriate group policy within Active Directory Users and Computers.

To disable EFS for all domain users, follow these steps:

  1. Click Start, point to Programs, Administrative Tools, and click Active Directory Users and Computers.

  2. Right-click the domain node and choose Properties.

  3. Click the Group Policy tab, select the appropriate policy and click Edit.

  4. Expand Computer Configuration, Windows Settings, Security Settings, and Public Key Policies, and locate the Encrypted Data Recovery Agents container.

  5. Right-click the Encrypted Data Recovery Agents container and click Delete. Click Yes to delete the policy.

  6. Right-click Encrypted Data Recovery Agents and click Initialize Empty Policy.


Windows 2000 Network Infrastructure Exam Cram 2 (Exam 70-216)
ISBN: 078972863X
Year: 2005
Pages: 167