PSS ID Number: 828216
Article Last Modified on 3/1/2004
The information in this article applies to:
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional
SUMMARY
When you use the Encrypting File System (EFS) to encrypt files on a Microsoft Windows 2000-based computer, make sure that you encrypt only specific files or folders in a user profile folder in the Documents and Settings folder. If you encrypt every file in a user profile folder, you may experience unexpected behavior the next time that you try to log on.
Note You can encrypt the My Documents folder for any user. The default path of a user's My Documents folder is C:\\Documents and Settings\UserProfile\My Documents. By encrypting this folder, you encrypt the folder where most documents are stored.
MORE INFORMATION
Encryption technology works by using algorithms that rearrange, scramble, and encode the data in the file. A key pair is randomly generated when you encrypt your first file. This key pair is made up of a private key and a public key. This key pair is used to encode and to decode encrypted files.
The private key that is associated with the file or the folder is encrypted and saved as an individual file in one of the following folders:
- For RSA keys:
UserProfile\Application Data\Microsoft\Crypto\RSA\User SID - For DSA keys:
UserProfile\Application Data\Microsoft\Crypto\DSA\User SID
For additional information about using EFS, click the following article number to view the article in the Microsoft Knowledge Base:
223316 Best practices for the Encrypting File System
REFERENCES
For additional information about the Encrypting File System (EFS) for Windows 2000, visit the following Microsoft Web site:
Keywords: kbinfo KB828216
Technology: kbwin2000AdvServ kbwin2000AdvServSearch kbwin2000DataServ kbwin2000DataServSearch kbwin2000Pro kbwin2000ProSearch kbwin2000Search kbwin2000Serv kbwin2000ServSearch kbWinAdvServSearch kbWinDataServSearch
