Sharing encrypted folder

  • Thread starter Thread starter DPM
  • Start date Start date
D

DPM

Guest
Environment: Server2008-x64 enterprise, XPpro SP2 client.


I want to set up a shared encrypted folder on Server2008, so I:
1.. Logged on the server as admin and created folder "secure", marked it
as encrypted.
2.. This new encrypted folder inherited full-control access permissions
from user x.
3.. I go to my XP machine, map a network drive to "secure" using user x.
So far, so good.
4.. I try to write a file to "secure"; permission is denied.
5.. I then go back to the server and copy the file to "secure" - no
problem.
6.. On XP I export x's certificate (both keys) and successfully import it
into the server.
7.. On the server I try to add x's certificate to the file; I click "add",
select x's certificate and click OK. Result: no error message, but x is not
added.
What's the problem here? Why won't S2008 add the certificate, and if there's
a problem why no error message? Is this a known bug?

If I turn encryption off x can access the folder normally, so this is
definitely encryption-related.

Is there a way to allow user x on the XP box to use the secure folder just
like any other shared folder? It's a pain to have to add x's cert to every
file manually.


What am I doing wrong here?


Thanks,
Dean
 
Re: Sharing encrypted folder

I suppose you're using SMB (not Web DAV) to access the folder.

If you use SMB you need to:
1. Set the server to be trusted for delegation
2. You can import the user's certificate and private key so a user doesn't have
more key pairs. If you don't import the certificate and key pair a new key pair
will be generated and stored in the user's profile on the server.

Decryption and encryption process is taking place on the machine where the share
is located (server). The file is sent over the network in clear text.

More info can be found here http://technet.microsoft.com/en-us/library/bb457065.aspx

HTH


Martin

DPM wrote:
> Environment: Server2008-x64 enterprise, XPpro SP2 client.
>
>
> I want to set up a shared encrypted folder on Server2008, so I:
> 1.. Logged on the server as admin and created folder "secure", marked it
> as encrypted.
> 2.. This new encrypted folder inherited full-control access permissions
> from user x.
> 3.. I go to my XP machine, map a network drive to "secure" using user x.
> So far, so good.
> 4.. I try to write a file to "secure"; permission is denied.
> 5.. I then go back to the server and copy the file to "secure" - no
> problem.
> 6.. On XP I export x's certificate (both keys) and successfully import it
> into the server.
> 7.. On the server I try to add x's certificate to the file; I click "add",
> select x's certificate and click OK. Result: no error message, but x is not
> added.
> What's the problem here? Why won't S2008 add the certificate, and if there's
> a problem why no error message? Is this a known bug?
>
> If I turn encryption off x can access the folder normally, so this is
> definitely encryption-related.
>
> Is there a way to allow user x on the XP box to use the secure folder just
> like any other shared folder? It's a pain to have to add x's cert to every
> file manually.
>
>
> What am I doing wrong here?
>
>
> Thanks,
> Dean
>
>
 

Similar threads

J
Using TLS certificate with Windows 2008 SMTP virtual server
Replies
0
Views
276
JonF2010
J
C
WhatsApp launches encrypted backups on iPhone and Android
Replies
0
Views
101
Chris Smith
C
C
WhatsApp encrypted backups rolling out to iPhone and Android
Replies
0
Views
125
Chris Smith
C
M
403.16 error : "Root certificate which is not trusted by the trust provider. (0x800b0109)"
Replies
0
Views
276
Malathi_Pai
M
A
IIS Admin Service unable to start - How and Why it can happen?
Replies
0
Views
246
ashfana
A
Back
Top