0

I created a folder on my Win7 Pro machine, set it to encrypt contents to protect data. Then I opened MMC, added the Certificates snap-in for "my user account", expanded Certificates - Currrent User > Personal > Certificates and exported my certificate with the private key to a network share as an .PFX file.

On the WinXP Pro machine, I went to the network share, located the cert and installed it. Then I went to the folder on the Win7 pc using UNC path and tried to copy the file from there to the XP machine's desktop, and it said access denied. But it would let me delete the file. I just couldn't copy or preview it.

Am I missing something?

John Ly
  • 1

1 Answers1

1

EFS doesn't support remote decryption except in a domain.

"Remote EFS operations on files stored on network file shares are possible in Windows 2000 or later domain environments only." - Using Encrypting File System

In any event, it couldn't work the way you're trying to make it work. EFS has no encrypted wire protocol. The way it would have to work is for the remote user to use credentials to access the key stored on the machine that has the EFS files on it.

David Schwartz
  • 31,215
  • 2
  • 53
  • 82