locked
EFS sharing with multiple users on network file share RRS feed

  • Question

  • OK, here goes nothing

    2K8R2 DFL / 2K8R2 file server

    2 test accounts both enrolled for EFS cert & file server is enabled for kerberos delegation

    both accounts can encrypt files on network file share. Both accounts have local profiles on server.

    question: how in the heck can access to multiple users be set up?

    I have exported EFS certs for each & imported into trusted people store (also tried importing to Personal & Other People stores). I right-click file | Advanced | check 'Encrypt contents to secure data' | OK | Apply | Advanced | Details | Add | select user | OK | OK | Apply | OK... I attempt to open file with user for whom sharing was just enabled and receive "Access Denied".

    If I don't get this working soon, I my leap out the window (and I'm on the fifth floor).

    Oh, and I realize there are better solutions for this. The thing is that my manager disagrees.

     

    PLEASE HELP!!!!

     

    Thursday, July 25, 2013 7:12 PM

Answers

  • It turns out that this can only be accomplished if the private key for each user involved is imported into the trusted people store on the remote file server.
    • Marked as answer by TCraigB Monday, July 29, 2013 3:19 PM
    Monday, July 29, 2013 3:19 PM

All replies

  • Hi,

    You can add your account to that 2 test accounts' share list:

    http://support.microsoft.com/kb/308991


    TechNet Subscriber Support in forum |If you have any feedback on our support, please contact tnmff@microsoft.com.

    Friday, July 26, 2013 3:37 PM
  • There are only two accounts used for testing, each of which were included on the share list.
    Monday, July 29, 2013 3:17 PM
  • It turns out that this can only be accomplished if the private key for each user involved is imported into the trusted people store on the remote file server.
    • Marked as answer by TCraigB Monday, July 29, 2013 3:19 PM
    Monday, July 29, 2013 3:19 PM