We then configure the certificate service we just installed
I'm instructed to add a user "bob" through the server properties panel.
Having added the user "bob" we can now set up a new certificate for him to try to connect to
Logging in as user bob on the client VM and navigating to server.classroom.local, I get the option to "Submit a certificate request"
Here I'm adding a certificate snap in to the root certificates on bobs account
Where some of my classmates have experienced significant trouble, I fixed the authentication problem in this part of the exercise simply by restarting the VM.
I log into sue's user and make a folder called Secrets, create various files and proceed to encrypt this folder.
I follow up by exporting sues certificate, then deleting it. I now log back into Bob's account to utilise his GP EFS recovery options to unlock her files. Because we authenticated bob with the EFS recovery certificate earlier and added granted him this access in the group, he is able to unlock Sue's files.
I found this a long and partly unnecessary lab. It is hilariously detailed, but then still manages to leave out some important aspects. I would also like a greater explanation of why we perform certain actions in the assignments, as this is the purpose of a "training manual". It defeats the purpose of following the detailed instructions if we still have to spend hours googling the results after. More references to the contents of the book itself would also be appreciated.
I was however surprised to see an admin might have access to encrypted files in a GP.