Encrypting User Data with EFS in Windows Server 2016

A step-by-step guide on how to encrypt user data using Encrypting File System (EFS) in Windows Server 2016, including preparation of domain controllers and configuration details.

microsoft lab10.3K views12:32

🔥 Related Trending Topics

LIVE TRENDS

This video may be related to current global trending topics. Click any trend to explore more videos about what's hot right now!

THIS VIDEO IS TRENDING!

This video is currently trending in Thailand under the topic 'สภาพอากาศ'.

Trending Now Globally
สภาพอากาศ
100K+
farul constanța - botoşani
20K+
الطقس غدًا
20K+
météo
20K+
airlines flights cancelled
20K+
miami heat
20K+

About this video

Donate Us : paypal.me/MicrosoftLab Encrypting User Data with EFS in Windows Server 2016 1. Prepare - DC21 : Domain Controller, IP 10.0.0.21 | DC22 : Certificates Server, IP 10.0.0.22 | WIN1091, WIN1092 : Domain Member (IP 10.0.0.91, 10.0.0.92) 2. Step by step : Encrypting Data for HiepIT account with EFS - DC22 : Install "Active Directory Certificate Services" + Server Manager - Manage - Add Roles and Features - Next to Server Roles : Select "Active Directory Certificate Services" - Add Features - Next to Role Services : Select "Certification Authority" and "Certificate Enrollment Policy Web Service" - Add Features - Install + Notifications - Congifure Active Directory Certificate Services on the distination server - Role Service : Select "Certification Authority" - Setup Type : Enterprise CA - Next to CA Name : Common name for this CA : PNS-CA - Configure - DC21 : Delete certificate default + Server Manager - Tools - Group Policy Management - Default Domain Policy - Edit… - Computer Configuration - Policies - Windows Settings - Security Settings - Public key Policies - Encrypting File System - Delete : Administrator + Start - cmd - gpupdate /force - WIN1091 : logon using HiepIT account. Update policy, Request certificate and create a floder share. Start - cmd - gpupdate /force + Create and share a folder named DATA, create a file text named report.txt local drive C: + WIN1092 : Logon using VietIT account. Start - \\10.0.0.91\DATA - Double-click report.txt === OK + Start - mmc - File - Add/Remove Snap-in...- Certificates - Add - Right-click Personal - All Tasks - Request New Cerfiticate… - Select Basic EFS - Enroll + Right-click report.txt - Genernal tab - Advanced… - Check "Encrypt contents to secure data" - Choose " Encrypt the file and its parent folder (recommended)"- OK - WIN1092 : Logon using VietIT account. + Start - cmd - gpupdate /force + Start - \\10.0.0.91\DATA - Double-click report.txt === Access is denied + Logon using account HiepIT. Start - \\10.0.0.91\DATA - Double-click report.txt === OK

Video Information

Views
10.3K

Total views since publication

Likes
24

User likes and reactions

Duration
12:32

Video length

Published
Jun 28, 2017

Release date

Quality
hd

Video definition

About the Channel

microsoft lab

View channel →