I have an environment where I need to prevent our normal day-to-day system
administrators from being able to open and view files on a file server and
SQL servers. The environment is a Windows 2003 server and AD and SQL 2005
environment, with a 20,000 user environment and a subset (~400) would need
to be able to access the systems where I need to do the encryption. I was
thinking doing EFS would be the best solution for me. I understand I would
need a CA and assign users an EFS cert and publish them into AD. The catch
is, for example, EFS does not support the ability to use groups, and so that
would mean putting 400 users onto an ACL for a file. Is this really the
best solution for what I am trying to do here?
Thanks,
Jason