Q. EFS certificate always tries to enroll the Basic EFS template?

The EFS (Encrypting File System) always attempts to enroll the Basic EFS template.

When requesting a certificate on first use, EFS requests the Basic EFS template, or it uses auto-enrollment. When no certificates exist on the client computer, the version 1 template of the Basic EFS is used.

When configuring a version 2 template of the Basic EFS for enhanced configuration options, and you want users to automatically obtain the EFS certificate, you must use auto-enrollment.

NOTE: EFS does not know if there is the version 2 template on first use because the version 2 template has a different name.

NOTE: When you manually request a certificate in the MMC (Microsoft Management Console), the EFS certificate works with both versions of the template.

NOTE: See Encrypting File System in Windows XP and Windows Server 2003


Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish