Article ID: 320044 - View products that this article applies to.
This article was previously published under Q320044
This step-by-step article describes how to use Encrypting File System (EFS) to encrypt files and folders on a remote Windows 2000-based computer.
Use EFS to encrypt your data when you want to protect it from unauthorized access and to prevent it from being read by other users. You can use EFS to encrypt and decrypt files and folders that are located on NTFS volumes on a remote server if the server is trusted for delegation in Active Directory. To remotely encrypt and decrypt files and folders, your certificate and private key must be stored on the server. The server uses Kerberos delegation to access this information.
Note that when you set encryption for a folder, EFS automatically encrypts all new files and subfolders that you create in that folder.
For additional information about EFS, visit the following Microsoft Web site:
Step-by-Step Guide to Encrypting File System (EFS)For additional information about remotely encrypting files and folders on a server, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/283223/ )Recovery of encrypted files on a server
(http://support.microsoft.com/kb/222054/ )Encrypting files in Windows 2000
(http://support.microsoft.com/kb/223316/ )Best practices for Encrypting File System
255742For additional information about Kerberos authentication and delegation in Windows 2000, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/255742/ )Methods for recovering encrypted data files
(http://support.microsoft.com/kb/217098/ )Basic overview of Kerberos User Authentication protocol in Windows 2000
(http://support.microsoft.com/kb/266080/ )Answers to frequently asked Kerberos questions