Recently I had the need to create a script which could be ran by end users or placed in a user login script to encrypt sensitive user data on corporate desktops and notebooks.
The code below is a simple process which does a few things:
1: Encrypts all data in the logged in users “My Documents” folder
2: Encrypts all data in the logged in users “Outlook” folder. This is the default location Outlook 2000 and Outlook 2003 stores .pst and .ost files.
3: Pipes all output from the script into a file for later collection. The file can be located under the logged in user’s “My documents”. The file will be called %computername%.efs
@echo off
REM EFS MyDoc & Outlook EFS Encryption Script Version 1.0
REM http://www.groovyPost.com
REM ??????????????????????????????
REM Script Created by MrGroove (groovyPost.com)
REM ??????????????????????????????
REM This program is free software; not to be redistributed
REM without permission of groovyPost.com
REM ??????????????????????????????
REM ??????????????????????????????
REM ======================================================
REM First, let?s create a file to store all the work were doing.
echo ?????? >> “%userprofile%\my documents\%computername%.efs”
echo ?????? >> “%userprofile%\my documents\%computername%.efs”
REM ======================================================
echo %date% %time% >> “%userprofile%\my documents\%computername%.efs”
REM ===================================================
cipher /u >> “%userprofile%\my documents\%computername%.efs”
REM ===================================================
REM Begin encryption of the “my document” folder
cipher /a /e /h /i /q /s:”%userprofile%\my documents” >> %userprofile%\
my documents\%computername%.efs”
REM ======================================================
REM Begin encryption of the “Outlook” folder where the OST and PST files are stored
cipher /a /e /h /i /q /s:”%userprofile%\Local Settings\Application Data
\Microsoft\Outlook” >> “%userprofile%\my documents\%computername%.efs”
REM ==================================================
REM More House Keeping
echo %date% %time% >> “%userprofile%\my documents\%computername%.efs”
echo ??????? >> “%userprofile%\my documents\%computername%.efs”
echo ??????? >> “%userprofile%\my documents\%computername%.efs”
REM ==================================================
REM ==================================================
REM All Done!
Thanks to QueQui for letting me know the script above had been damaged during posting/conversion to wordpress…??? Anyway, should be good now (and below in the comments).
Tags: client, efs, encryption, howto, script, security, vista, xp
[...] a later article, I’ll explain how to use the built-in EFS encryption features of Windows XP and VISTA to protect sensitive files and [...]
I get a script error, invalid character line 1 / 6. Can one just copy and paste this script or do you need to delete some of the characters?
[...] Hard Drive. I’ll write an article on this subject shortly but for now, take a look at this article. It’s a bit “GEEKY” so I’ll follow it up shortly with an article which [...]
Script with Corrections
@echo off
REM EFS Encryption Script Version 1.0
REM ======================================================
REM First, let?s create a file to store all the work were doing.
echo ?????? >> “%userprofile%\My documents\%computername%.efs”
echo ?????? >> “%userprofile%\My documents\%computername%.efs”
REM ======================================================
echo %date% %time% >> “%userprofile%\My documents\%computername%.efs”
REM ===================================================
cipher /u >> “%userprofile%\My documents\%computername%.efs”
REM ===================================================
REM Begin encryption of the ?my document? folder
cipher /a /e /h /i /q /s:”%userprofile%\My Documents” >> “%userprofile%\My documents\%computername%.efs”
REM ======================================================
REM Begin encrption of the ?Outlook? folder where the OST and PST files are stored
cipher /a /e /h /i /q /s:”%userprofile%\Local Settings\Application Data\Microsoft\Outlook” >> “%userprofile%\My documents\%computername%.efs”
REM ==================================================
REM More House Keeping
echo %date% %time% >> “%userprofile%\My documents\%computername%.efs”
echo ??????? >> “%userprofile%\My documents\%computername%.efs”
echo ??????? >> “%userprofile%\My documents\%computername%.efs”
REM ==================================================
REM ==================================================
REM All Done!
@Quequi, Hey there! I appreciate your feedback and notifying me that the page was messed up. Not sure how or when it happend but all my ” had become ? and all my \ had been removed. Wordpress or Live Writer must have done something funky and I didn’t even know it!
Thanks for the re-write and notification and…. If you feel up to the task to build another script for Windows 7 and Windows Vista, let me know or post it in the forum.
It seems wordpress has messed up your code again. There are a ton of ????????’s scattered through out it.
@Mike,
Super.. Thnx for the fyi.