Working on EFS DRA and Certificates

I found I couldn’t just “add” a user as a new recovery agent, because that account’s user object didn’t have an appropriate certificate. According to the document in my previous post, there are significant advantages to using our Certificate Authority to manage EFS-related keys.
I found the following sequence of articles useful:
http://www.lockergnome.com/nexus/it/2005/10/27/designating-efs-recovery-agents-part-i/
http://www.lockergnome.com/nexus/it/2005/10/28/designating-efs-recovery-agents-part-ii/
I’m still working on this, though.

Leave a Reply