EFS certificate/privatekey cache

O

Ondrej Sevecek

Hello,
scenario is as follows:

1) have no files EFS encrypted (e.g. new profile)
2) encrypt some file = autogenerated certificate
3) export the certicate with private key and let THE PRIVATE KEY DELETE
4) file is still accessible due to cert/keys present in "EFS cache"
5) log off
6) log on
7) file is STILL ACCESSIBLE - keys are still in cache

so as I tried it, EFS key cache is flushed only through restart.

Is there any method to flush the cashe from user's session?

Thanks Ondra.
 
S

Steven L Umbach

In Windows 2000 you need to reboot. XP will clear it with a logoff. ---
Steve
 
D

Drew Cooper [MSFT]

Other than rebooting, there is one way to flush the cache: Do EFS operations
with enough new users that the original user's cache entry is bumped. (I
don't remember what our cache size was in Win2k. 100, maybe?)
--
Drew Cooper [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.


David Cross said:
No, there is no mechanism to flush the cache

--


David B. Cross [MS]

--
This posting is provided "AS IS" with no warranties, and confers no rights.

http://support.microsoft.com

Ondøej ©eveèek said:
Many thanks. Can I force key flush from the session?

Ondra.
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

EFS uses only the last certificate? 2
bug with efs on server 2003 5
EFS Auto enroll 0
User vs. Basic EFS certificate 3
New EFS tool available - EFS Certificate Configuration Updater 14
EFS private key generation with CA 1
EFS Certificate Issue 5
EFS: disaster recovery/decryption? Possible? 5

Top