Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

identify all local efs certs for export

Status
Not open for further replies.

sumgirl

IS-IT--Management
Mar 19, 2003
55
US
Hi all. I want to script out a process to identify all local efs certs on a users machine so I can then use cipher.exe to export them and move them to that users new machine during a refresh process. Its possible that a user will have more than one cert and/or that a machine might even be shared and have more than one user, and so far the only way I have seen to handle this was to use the Certificates snapin mmc which of course doesnt lend itself to an automated or scripted solution. Hope someone can help, but myself and one of the guys I work with has been trying to work this out and there doesnt seem to be a graceful way to do what seems like a pretty straight forward thing.

Our first attempt to script this involved running cipher.exe to gen a list of all encrypted files, then efsinfo to on every one of those files to get a list of efs users who could decrypt and then taking the distinct values from that and running cipher.exe on them to export the certs. Very top heavy and slow, and those commands produce output formates that make them very hared to script.

Can someone please help or advise? Because I know things work a little different in Vista, let me say up front that we are a mostly XP shop with a little Vista.
-sG
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top