EFS certificate - along with self signed certificate

hi,

in our office pre prod environment implementing efs certificates , through pki auto enrollment. certificates getting generated automatically without issue, along i'm getting self signed efs certificate. please me stop generating of self signed certificate , else provide reason of why generating.

thanks help

hariharan 

this occur default if client needs encrypt hasnt completed enrollment efs certificate ca first. can prevent self-signed efs certificates via gpo:

the policy setting efs located in group policy editor under local computer policy\windows settings\security settings\public key policies\encrypting file system. right click, properties - on general tab select allow efs, , click certificates tab. uncheck box self-signed certificates.

---

mark b. cooper, president , founder of pki solutions inc., former microsoft senior engineer , subject matter expert microsoft active directory certificate services (adcs). known “the pki guy” @ microsoft 10 years. connect mark @ http://www.pkisolutions.com

Windows Server  >  Security