CAPolicyinf File Sections

Within the CAPolicy.inf file, there are several predefined sections, each of which defines specific settings for Certificate Services. These sections and related decisions regarding their contents are outlined here, as well as whether the section applies to root CA installations, subordinate CA installations, or to both root and subordinate CA installations. The Version section defines that the .inf file uses the Windows NT format. This section must exist for both root and subordinate CA...

Defining EFS Recovery Agents

Defining an EFS Recovery Agent involves two steps 1. Obtain a certificate with the File Recovery application policy OID or EKU if using Windows 2000 . 2. Designate the certificate as the EFS Recovery Agent in the domain or local group policy . Obtain an EFS Recovery Agent Certificate The first step is to ensure that the user assigned the EFS Recovery Agent role acquires an EFS Recovery Agent certificate. An EFS Recovery Agent certificate includes the File Recovery application policy OID...