Automate Microsoft EFS Encryption

Jul 26th, 2007 by MrGroove

Recently I had the need to create a script which could be ran by end users or placed in a user login script to encrypt sensitive user data on corporate desktops and notebooks.

The code below is a simple process which does a few things:
1: Encrypts all data in the logged in users “My Documents” folder
2: Encrypts all data in the logged in users “Outlook” folder. This is the default location Outlook 2000 and Outlook 2003 stores .pst and .ost files.
3: Pipes all output from the script into a file for later collection. The file can be located under the logged in user’s “My documents”. The file will be called %computername%.efs

@echo off

REM EFS MyDoc & Outlook EFS Encryption Script Version 1.0

REM http://www.groovyPost.com

REM ??????????????????????????????-

REM Script Created by MrGroove (groovyPost.com)

REM Copyright groovyPost.com.com

REM ??????????????????????????????-

REM This program is free software; not to be redistributed

REM without permission of groovyPost.com

REM ??????????????????????????????-

REM ??????????????????????????????-

REM ======================================================

REM First, let?s create a file to store all the work were doing.

echo ?????? >> ?%userprofile%my documents%computername%.efs?

echo ?????? >> ?%userprofile%my documents%computername%.efs?

REM ======================================================

echo %date% %time% >> ?%userprofile%my documents%computername%.efs?

REM ===================================================

cipher /u >> ?%userprofile%my documents%computername%.efs?

REM ===================================================

REM Begin encryption of the ?my document? folder

cipher /a /e /h /i /q /s:?%userprofile%my documents? >> ?%userprofile%

my documents%computername%.efs?

REM ======================================================

REM Begin encrption of the ?Outlook? folder where the OST and PST files are stored

cipher /a /e /h /i /q /s:?%userprofile%Local SettingsApplication Data

MicrosoftOutlook? >> ?%userprofile%my documents%computername%.efs?

REM ==================================================

REM More House Keeping

echo %date% %time% >> ?%userprofile%my documents%computername%.efs?

echo ??????? >> ?%userprofile%my documents%computername%.efs?

echo ??????? >> ?%userprofile%my documents%computername%.efs?

REM ==================================================

REM ==================================================

REM All Done!

Tags: client, efs, encryption, howto, script, security, vista, xp

Visitor Options

Related Articles

Category: Vista, XP | 2 Comments

2 Responses to “Automate Microsoft EFS Encryption”

on 25 Jul 2007 at 8:44 pm1groovyPost » Blog Archive » Find the Microsoft Outlook temporary OLK folder

[...] a later article, I’ll explain how to use the built-in EFS encryption features of Windows XP and VISTA to protect sensitive files and [...]
on 12 Mar 2008 at 9:51 am2Jim C

I get a script error, invalid character line 1 / 6. Can one just copy and paste this script or do you need to delete some of the characters?

Trackback URI | Comments RSS

groovyPost

Groovy Technical and How To Articles for New and Advanced Computer Users

Automate Microsoft EFS Encryption

2 Responses to “Automate Microsoft EFS Encryption”

Leave a Reply

User Options:

Categories

Recent How To's