Users can't access encrypted shared files
Hi Guys, I have windows server 2008 standard edition .. I have installed the certification Authority on it. I have a shared file and I want it to be encrypted .. However when I encrypt the file , no one can access it except me " Domain Admin ".I have requested the user certificate from his computer " MMC - Certificate - Personal - Request a new certificate " and I have add it to the file " Advanced - details - Add user " .. But the user still unable to access the file. The user has full access permission over the shared folder and the file itself .. but when he try to access the file he got " Access is Denied ". If I decrypt the file , the user is able to access it ..User computer OS is Windows XP Pro. Any help will be appreciated .. Thanks
March 22nd, 2010 2:20am

Did the user: 1) Request the certificate at their *own* computer 2) Did you verify that the thumbprint of the certificate in *their* personal store (certmgr.msc run on their computer) matches the thumbprint stored in Active Directory Brian
Free Windows Admin Tool Kit Click here and download it now
March 22nd, 2010 5:00am

Hi Brian, Thanks for your reply .. what type of certificate I should request from the client computer ? User or EFS ? or both ?And where I can view the thumbprint ? Thank you
March 22nd, 2010 7:02pm

Hi, You can refer to the following article. Especially, the "Remote EFS Operations on File Shares and Web Folders" section: Using Encrypting File Systemhttp://technet.microsoft.com/en-us/library/bb457116.aspx#EHAA Hope it is helpful for your work.This posting is provided "AS IS" with no warranties, and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
March 25th, 2010 11:16am

Hi John, Thanks for that link and I am sorry I was out of town for a few weeks. I've followed that link steps , didn't find much .. But here is what I've found : When I created a new user in the AD , and added his Certificate to the encrypted folder , he was able to access it !!!!!!!. Although the old users can't ! Thanks for your help in Advance !
May 18th, 2010 8:58pm

I have figured this out .. the problem was with the Server profiles. After I have removed the CA .. I should have removed all user profiles from the server too. So .. I removed CA with all user profiles .. installed it back again .. everything ran with no problems. Thanks for everyone's help !
Free Windows Admin Tool Kit Click here and download it now
July 15th, 2010 5:55pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics