|
Posted by Brian Komar [MVP] on November 1, 2006, 11:06 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Mark@discussions.microsoft.com says...
> All,
> I am in the final steps of implementing EFS into Active directory. I=
=20
> have created my CA server, configured my EFS recover template, but that=
=20
> leaves me with one question. When I request an EFS recovery certificate,=
the=20
> computer name is displayed in the summary page during the certificate req=
uest=20
> wizard. Does it matter which computer I create the recovery agent=E2=A4=
=3D3Fs=20
> certificate upon as long as the computer is a member of the domain? Or do=
es=20
> it need to be a certain computer in the domain such as a DC?
>=20
> Thanks for your help in this.
>=20
> Mark
>=20
>=20
It really does not matter where you request the certificate. Just make=20
sure that you export:
- The certificate in base64 or DER encoding to add to the Recovery Agent=20
policy (preferably at each domain)
- The certificate in a PKCS#12 format and saved to media such as a CD to=20
allow import for recovery procedures
Brian
| 
XML site map