Re: Permissions (seperate area?)
- From: rossk <rkovelman@xxxxxxxxxxxxxxxx>
- Date: Thu, 01 Nov 2007 09:58:25 -0700
Ok I got that fixed, so the folder shows green with the attrib being
E. Now how can I get them to take control of the folder and lock the
admin out? And what is the point of doing this making it encrypted?
~Ross
On Nov 1, 9:26 am, rossk <rkovel...@xxxxxxxxxxxxxxxx> wrote:
THANKS!
I have an issue when I select the Encrypt contents to secure data
"An error occured applying attributes to the file
F:/path
Recovery policy configured for this system contain invalid recovery
certificate"
How would I fix this...ahhh
~Ross
On Nov 1, 2:54 am, v-mzh...@xxxxxxxxxxxxxxxxxxxx (Manfred Zhuang
[MSFT]) wrote:
Hello Ross,
Thank you for posting here.
From your post, I understand that you would like to create a folder for a
group of users to store data. But in the time, you hope the admin cannot
access the data.
To do this, we may use Encrypting File System.
For detailed information, please refer to following articles:
Step-by-Step Guide to Using the Encrypting File Systemhttp://www.microsoft.com/technet/prodtechnol/windowsserver2003/techno...
directory/activedirectory/stepbystep/efs.mspx
Best practices for the Encrypting File Systemhttp://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
I hope the above information is useful to you.
If you have any concern, please feel free to let me know.
Best regards,
Manfred Zhuang(MSFT)
Microsoft Online Newsgroup Support
Get Secure! -www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
checkhttp://support.microsoft.comforregional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: rossk <rkovel...@xxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: Re: Permissions (seperate area?)
| Date: Tue, 30 Oct 2007 14:45:05 -0700
| Organization:http://groups.google.com
| Lines: 29
| Message-ID: <1193780705.203532.301...@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <1193775736.742685.83...@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
| <#99#NPzGIHA....@xxxxxxxxxxxxxxxxxxxx>
| NNTP-Posting-Host: 66.47.1.90
| Mime-Version: 1.0
| Content-Type: text/plain; charset="us-ascii"
| X-Trace: posting.google.com 1193780705 30367 127.0.0.1 (30 Oct 2007
21:45:05 GMT)
| X-Complaints-To: groups-ab...@xxxxxxxxxx
| NNTP-Posting-Date: Tue, 30 Oct 2007 21:45:05 +0000 (UTC)
| In-Reply-To: <#99#NPzGIHA....@xxxxxxxxxxxxxxxxxxxx>
| User-Agent: G2/1.0
| X-HTTP-UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en)
AppleWebKit/418.9 (KHTML, like Gecko) Safari/419.3,gzip(gfe),gzip(gfe)
| Complaints-To: groups-ab...@xxxxxxxxxx
| Injection-Info: 22g2000hsm.googlegroups.com; posting-host=66.47.1.90;
| posting-account=ps2QrAMAAAA6_jCuRt2JEIpn5Otqf_w0
| Path:
TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!TK2MSFTF E
EDS02.phx.gbl!newsfeed.cw.net!cw.net!news-FFM2.ecrc.de!news.glorb.com!postn e
ws.google.com!22g2000hsm.googlegroups.com!not-for-mail
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:72767
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| How can I do this encryption thing you are talking about?
| Thanks
|
| On Oct 30, 4:31 pm, "kj [SBS MVP]" <KevinJ....@xxxxxxxxxxxxxxxxxx>| wrote:
| > rossk wrote:
| > > Anyone know how I can do this?
| >
| > > I need to create a folder so a group of user can store data there but
| > > lock the sys admin out (myself) and encrypt the data? Basically I
| > > need an area that only this one guy can control and no one else. He
| > > needs to be able to control that area in whole (permissions etc)
| >
| > > If he does this I need to know I can still back that data up. I know
| > > in unix I can with root but not sure with windows.
| >
| > > Thanks!!
| >
| > You can't permanetly lock out the admins. You can encrypt the data so
that
| > the admin can not examine or alter it. The admin should have had an
recovery
| > certificate created which you need to take into account if you really
want
| > to ensure this. While the user can control the data, he/she is also
| > responsible for it. You've not only the need to backup the encrypted
data,
| > but also the certificates needed to encrypt and decrypt it.
| >
| > --
| > /kj
|
|
|
.
- Follow-Ups:
- Re: Permissions (seperate area?)
- From: Manfred Zhuang [MSFT]
- Re: Permissions (seperate area?)
- References:
- Re: Permissions (seperate area?)
- From: Manfred Zhuang [MSFT]
- Re: Permissions (seperate area?)
- From: rossk
- Re: Permissions (seperate area?)
- Prev by Date: Re: FTP Through 2003 SBS
- Next by Date: Re: Less Informaion Availiable in LDAP on SBS than Server 2003
- Previous by thread: Re: Permissions (seperate area?)
- Next by thread: Re: Permissions (seperate area?)
- Index(es):
Relevant Pages
|
Loading
