Re: File Encryption

---

• From: Marin Marinov <marin-online@xxxxxxxxxx>
• Date: Fri, 2 Dec 2005 16:21:09 -0500

---

In article <#wBsoi39FHA.140@xxxxxxxxxxxxxxxxxxxx>, "Milan Stojanovic"
<username piksi@host eunet dot not com but YU> says...
>
> Sorry for interrupting, but I think that it is a great idea to have report
> of all workstations with some encrypted file. Do I need to modify MOF and
> use a script, or it can be made by default mof?
>
> thanks in advance...
<snip>
Hi Milan,
I would argue that it's such a good idea and this goes back to my
initial question - why would one need that ;) Technically speaking,
there are ways you could potentially do it:
- script that recurses through all files and folders and reports data
either in WMI or dumps a NOIDMIF file
- figuring out how to make software inventory report IsEncrypted for a
file. Software inventory seems to store file inventory information in
the FileSystemFile WMI class (http://tinyurl.com/bgvqy) under root\ccm
\invagt. However, the XML file that it generates and passes on to the MP
(http://tinyurl.com/dk8ko) doesn't seem to contain all the properties
available in this class.
- for folders only, making use of the Win32_Directory class and its
Encrypted property

Bare in mind though that most of these (probably except option 2) will
likely result in a performance hit on the respective computers. And
again - finding out which machines have encrypted files is arguably
beneficial plus it's reactive, not proactive. As a best practice, if
your organization hasn't deployed a "real" PKI, deployed and maintains
certificates for the users for use with EFS, disable EFS on the clients.
If people can encrypt files whenever they chose without this being an
officially designed for and supported feature, this can cause you a lot
of headaches...pardon, "administrative overhead" ;)

HTH
--
Cheers,
Marin Marinov
MCT,MCSE,MCSE:Security,MCP+I
-
This posting is provided "AS IS" with no warranties, and confers no
rights.

"True knowledge exists in knowing that you know nothing."
Socrates
.

---

• Follow-Ups:
  • Re: File Encryption
    • From: Milan Stojanovic
  • Re: File Encryption
    • From: Stevie

• References:
  • File Encryption
    • From: Stevie
  • Re: File Encryption
    • From: Marin Marinov
  • Re: File Encryption
    • From: Cathy Moya [MS]
  • Re: File Encryption
    • From: Milan Stojanovic

• Prev by Date: Re: Remote Control Setting
• Next by Date: Re: RPC Server is unavailable
• Previous by thread: Re: File Encryption
• Next by thread: Re: File Encryption
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: File Encryption ... EFS, even it has been enabled a year ago on more than 100 computers in our ... >> of all workstations with some encrypted file. ... > - figuring out how to make software inventory report IsEncrypted for a ... Software inventory seems to store file inventory information in ... (microsoft.public.sms.admin) Re: Encryption ... Sean wrote: ... >Is there a software that could scan a encrypted file and report what ... The result _is_ a valid encryption/decryption of that stream ... (comp.unix.bsd.freebsd.misc)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > SMS  > microsoft.public.sms.admin  > 2005-12