Create a cluster-managed encrypted file share

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To create a cluster-managed encrypted file share

  1. Open Cluster Administrator.

  2. Create a cluster-managed file share.

    For more information, see "To create a cluster-managed file share" in Related Topics.

  3. In the console tree, double-click Groups, and then click the group that contains the File Share resource that you created in step 2.

  4. In the details pane, click the Network Name resource in that you will use to connect to this file share.

  5. On the File menu, click Take Offline.

  6. On the File menu, click Properties.

  7. On the Parameters tab, select Enable Kerberos Authentication, and then click OK.

  8. In the details pane, click the Network Name resource for the file share.

  9. On the File menu, click Bring Online.

  10. On the domain controller, configure all accounts used by the cluster nodes to be trusted for delegation. You must also configure the computer account used by the Network Name resource on which you enabled Kerberos to be trusted for delegation.

    For more information, see "To allow a user to be trusted for delegation" in Related Topics.

    Important

    • The group containing the file share resource is a virtual server because it contains a Network Name and an IP Address resource. All accounts used to connect to this virtual server must also be trusted for delegation.

  11. On the domain controller, enable roaming profiles for all users or service accounts that store data in the folder managed by the File Share resource.

    For more information, see "To create a roaming user profile" in Related Topics.

    Important

    • Enabling roaming profiles ensures that the encryption keys for a folder are still valid even when the File Share resource managing that folder fails over.

  12. Enable encryption on the folder managed by the File Share resource.

    For more information, see "To encrypt a file or folder" in Related Topics.

Note

  • To open Cluster Administrator, click Start, click Control Panel, double-click Administrative Tools, and then double-click Cluster Administrator.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Create a cluster-managed file share
Virtual servers
Allow a user to be trusted for delegation
Create a roaming user profile
Encrypting File System overview
Encrypt a file or folder