|Subject:||Private key / EFS certificate generation and key storage|
|Posted by:||Ronnie (Ronn…@discussions.microsoft.com)|
|Date:||Wed, 10 Jan 2007|
On a 2003 Terminal Server in a 2003 functional mode forest,
if encryption is allowed on a folder in a user's redirected My
Documents folder with no CA in the domain, am I
correct in saying the public key pair is being generated by the
Terminal Server? If so, is the private key being stored in the
Would the user be able to decrypt their data if :
* there is no key recovery agent and their profile becomes corrupt?
* the server which generates the key pair is destroyed?