
Post on 21-Jun-2018


Step by step guide for encryption file system

Darshana Jayathilake- darshanasam1234@hotmail.com

Virtual Machines: Server01; Client01

LAB: Active Directory & Certificate Authority Preconfigured

Lab Objective: At the end of this lab you should be able to encrypt files by using EFS and recover encrypted files by using a Data Recovery Agent.

Task Steps

Encrypt files on client/Server

1. Log in to Client01 using a domain user account (Btech\Darshana)

2. Open My Computer > Open drive “C” > Create a folder “Data” and create a text file “Credidcardno” inside the “Data” folder > Add some data to the text file

3. Right click on the file > Select “Properties” > Select “Advanced” > Select “Encrypt Contents to secure data” check box > Click “OK”

4. Click “Apply” > Select “OK” on “Encryption Warning” popup

Verify user certificate on data Encryption

1. Right-click on the encrypted folder > Select “Properties” > Click on “Advanced” > Click “Details”. You can now see the thumbprint of the certificate.

Test Encrypted data

1. Log in to “client01” using a different user account, “Anne” > Try to open the encrypted data. The user should get an “Access is denied” message.

Recover Data Using Data Recovery Agent

1. To verify the recovery certificate, there are two options. Right-click on the encrypted file > Select “Properties” > Click “Advanced” > Click “Details”.

2. Now we can see the recovery user's certificate and the user's certificate (note the thumbprint).

3. Or we can get the same output by running the “cipher” command with the C parameter (cipher /c).

4. By default, “Administrator” is the data recovery agent for the domain, with a self-signed recovery certificate. To open the encrypted file from a different user account, we need to install the recovery agent's certificate for that particular user.

5. To retrieve the recovery agent (RA) certificate > Log in to the “Domain Controller” with the administrator's account > Open “Run” > Type “MMC” > Add the “Certificates” snap-in for the “Current User” account

6. Expand “Certificates” > Expand “Personal” > Expand “Certificates”

7. Right-click on the certificate and verify the “Thumbprint”

8. Now we need to export this certificate with its private key > Click on “Copy to File”

9. Select “Yes, export the private key” > Click on “Next” > Assign a password

10. Give the file a name and save the certificate

11. Now we can install this certificate in the user's session on the client computer

12. Log in to the client computer and open the Certificates snap-in in “MMC”

13. Import the certificate to “Current User”

14. Enter the password

15. Select the “Personal” store and click “Next”

16. Now the user can open the encrypted file
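
The same procedure from the command line, as an added example that is not part of the original guide. The .txt extension, the C:\Temp\dra.pfx path and the function names are assumptions; run each function on the machine and under the account named in its comment.

```powershell
# Added example: command-line equivalent of the lab's GUI steps.
# Assumptions (not from the original guide): the .txt extension, the
# C:\Temp\dra.pfx export path, and the function names below.
$File = 'C:\Data\Credidcardno.txt'
$Pfx  = 'C:\Temp\dra.pfx'
$FileRecoveryOid = '1.3.6.1.4.1.311.10.3.4.1'   # EKU: File Recovery

# Client01, as the file owner: encrypt the file, then list who can decrypt it.
function Protect-LabFile {
    cipher /e $File
    cipher /c $File      # shows user and recovery certificate thumbprints
}

# Domain controller, as Administrator: find the recovery agent certificate
# that has a private key and export it to a password-protected PFX.
function Export-RecoveryAgent {
    $dra = @(Get-ChildItem Cert:\CurrentUser\My |
        Where-Object { $_.HasPrivateKey -and
                       $_.EnhancedKeyUsageList.ObjectId -contains $FileRecoveryOid })
    if ($dra.Count -ne 1) {
        throw "Expected one File Recovery certificate, found $($dra.Count)"
    }
    Write-Host "Recovery agent thumbprint: $($dra[0].Thumbprint)"
    $pw = Read-Host 'PFX password' -AsSecureString
    Export-PfxCertificate -Cert $dra[0] -FilePath $Pfx -Password $pw | Out-Null
}

# Client01, in the session of the user who must read the file: import the
# PFX into the Personal store and check it against the file's thumbprints.
function Import-RecoveryAgent {
    $pw  = Read-Host 'PFX password' -AsSecureString
    $crt = Import-PfxCertificate -FilePath $Pfx `
               -CertStoreLocation Cert:\CurrentUser\My -Password $pw
    # Assumes cipher /c prints thumbprints as space-separated hex groups;
    # strip whitespace so they compare against the store's thumbprint.
    $listed = (cipher /c $File) -replace '\s', ''
    if (-not ($listed -match $crt.Thumbprint)) {
        throw "Imported certificate $($crt.Thumbprint) is not listed for $File"
    }
    Get-Content $File    # succeeds once the recovery key is present
}
```

The PFX holds the recovery agent's private key, so delete it from both machines once the import is done.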