T
terry b
HELLO, HELLO
( Judging by the number of posts regarding WindowsXP Encryption File
System, I'm not the only user who's much frustrated...)
I've spent a couple of hours reading articles & posts about 'How to Create a
Data Recovery Agent', and have followed the steps (used cmd-prompt and
"cipher /r:<filename>", created .cer and .pfx files, logged on as the user
who encrypts the files and opened the mmc console and imported the .pfx file
into Certificates, etc.) In fact, the certificates show up just fine in the
mmc file's 'Certificates>Local Computer>Personal & Trusted Root
Certification Authorities', so why when I log in as the DRA and try to open
the encrypted files, do I still get an 'Access Denied' message? In fact,
I've imported the Administrator's ( the user I'd like to set as DRA)
certificates into about 6 different branches in the mmc console, and also
I've gone into Group Policy>Windows Settings>Security Settings>Public Key
Policies, right-clicked and chosen 'Add Data Recovery Agent', and imported
the certificates there also.
What in the Sam Hill is the hangup? Is there some basic Group Policy setting
relevant to small networks (the unit I'm trying to set up the DRA on is host
for a WLAN) that isn't enabled, that needs to be?
Anybody got any idea what's being missed?
Thankx in advance for any relevant suggestions!
terry b.
( Judging by the number of posts regarding WindowsXP Encryption File
System, I'm not the only user who's much frustrated...)
I've spent a couple of hours reading articles & posts about 'How to Create a
Data Recovery Agent', and have followed the steps (used cmd-prompt and
"cipher /r:<filename>", created .cer and .pfx files, logged on as the user
who encrypts the files and opened the mmc console and imported the .pfx file
into Certificates, etc.) In fact, the certificates show up just fine in the
mmc file's 'Certificates>Local Computer>Personal & Trusted Root
Certification Authorities', so why when I log in as the DRA and try to open
the encrypted files, do I still get an 'Access Denied' message? In fact,
I've imported the Administrator's ( the user I'd like to set as DRA)
certificates into about 6 different branches in the mmc console, and also
I've gone into Group Policy>Windows Settings>Security Settings>Public Key
Policies, right-clicked and chosen 'Add Data Recovery Agent', and imported
the certificates there also.
What in the Sam Hill is the hangup? Is there some basic Group Policy setting
relevant to small networks (the unit I'm trying to set up the DRA on is host
for a WLAN) that isn't enabled, that needs to be?
Anybody got any idea what's being missed?
Thankx in advance for any relevant suggestions!
terry b.