- 1 Mark Shuttleworth Details Ubuntu 18.10 Cosmic Cuttlefish Linux Release
- 2 IBM z14 Mainframe and POWER9 Systems Continue to Grow
- 3 Nginx Updates Web Server Application Platform
- 4 NVIDIA Accelerates Server Workloads with RAPIDS GPU Software
- 5 SUSE Integrates Kubernetes with Cloud Foundry in Cloud Application Platform
EFS for System Admins Page 3
| No Policy | Empty Policy | |
| System without domain membership | Disables EFS | Disables EFS |
| System with domain membership | Depends on OU and domain settings | Depends on OU and domain settings |
As far as OU and domain recovery policies are concerned, both 'no policy' and an 'empty policy' will have different outcomes because of how recovery policy settings are inherited.
7 Having no policy applied disables policy at whichever level it were set. For example, if you had no policy applied at the domain level, it would only apply to computers at that level, and any lower level policies (such as OU or local policies) would still take effect.
7 Applying an empty policy at any level disables EFS at that level and all lower levels as well.
As such, if you wanted to disable EFS throughout an entire domain, the easiest way would be to simply remove all recovery agents from the domain-level policy, leaving it empty.
And there it is. EFS, while easy to configure for the user, certainly involves a little more consideration from the System Admin. I hope this article has provided you with a solid overview of
EFS, a better understanding of how it actually works, and some important details about how it might impact you in your day-to-day dealings with Windows 2000. If you have any questions or comments about this article, or ideas about a topic you would like me to write about in the future, please email me at
dan@win2000trainer.com
Until next time,
Dan
http://www.win2000trainer.com
