{"id":904,"date":"2012-09-13T10:23:35","date_gmt":"2012-09-13T10:23:35","guid":{"rendered":"http:\/\/pariswells.com\/blog\/?p=904"},"modified":"2012-09-13T10:23:35","modified_gmt":"2012-09-13T10:23:35","slug":"renew-active-directory-certificate-for-efs","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/fixes\/renew-active-directory-certificate-for-efs","title":{"rendered":"Renew active directory Certificate for EFS"},"content":{"rendered":"\r\n

\"\"<\/a>Recently some users at a company using the EFS Encryption of their offline files for Windows 7 were not able to access their offline files anymore. We have to reset their offline cache for it to resync. This was due to the\u00a0EFS certificate which is created by default when you create a new domain.<\/p>\r\n

This article explains it \u2013 and outlines the process for renewing and replacing the certificate:<\/p>\r\n

http:\/\/msmvps.com\/blogs\/alunj\/archive\/2007\/03\/24\/efs-in-a-domain-expires-after-three-years.aspx<\/a><\/p>\r\n

and here\u2019s a more detailed explanation from the MS AD team themselves:<\/p>\r\n

http:\/\/blogs.technet.com\/b\/askds\/archive\/2008\/01\/07\/replacing-an-expired-dra-certificate.aspx<\/a><\/p>\r\n

The steps are basically:<\/p>\r\n

    \r\n\t
  1. Export the current certificate to a PFX file (so that you have it in case you need to rollback).<\/li>\r\n\t
  2. Create a new certificate from the command line.<\/li>\r\n\t
  3. Remove the old certificate from the Default Domain Policy and import the new one.<\/li>\r\n\t
  4. Distribute the new certificate by doing a GP update.<\/li>\r\n<\/ol>\r\n","protected":false},"excerpt":{"rendered":"

    Recently some users at a company using the EFS Encryption of their offline files for Windows 7 were not able to access their offline files anymore. We […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[],"class_list":["post-904","post","type-post","status-publish","format-standard","hentry","category-fixes"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t