EFS, Shared Folder, Authorise on a PER FILE BASIS!?



Hello,

I have an SBS2k3 Server and lots of XP Pro desktop clients. I have a shared
folder on that server accessible to network users; it holds sensitive company
data. Logged on via RDP as Administrator, I have encrypted the shared folder.
It now appears green in the folder list. None of my network users can now
open any of the files ("Access Denied" type messages).

Everything I read about "sharing EFS encrypted files with network users"
involves using the "Details" button and adding each respective user. My
problem is...are you telling me I have to authorise every network user on a
PER FILE BASIS?! The "Details" button under Folder/File Properties ->
Advanced is disabled if you select a folder/multiple files. Why can't I do
this on a folder level?!

I have confirmed this is a certificate/EFS related problem because I added
one user (via the EFS -> Details -> "Users who can transparently access this
file" option), to one encrypted file and they were able to open it fine over
the network.

Please tell me there is somewhere you can include/specify a group of
authorised domain users access to a shared, encrypted folder. If not, how is
this a manageable solution when you're dealing with 100000's of files and
100000's of users?!

Is there some light in the "Trusted People" folder of the certificates MMC
snap-in??

Sorry to sound a little angst-ridden, but I can't find anything, anywhere to
explain this process or its feasibility in detail. I have read a few postings
and people conclude EFS is not "manageable" in network situations...

T.I.A

Steve B.