I have created a shared folder on my NAS server called “Confidential” and enabled sharing to only an AD security group called “Confidential Files” which contains all the users that I want to have access to this folder.
Now, I want to encrypt this folder, but I can’t figure out how. AD already has the EFS certificate in the domain policy and I’m able to encrypt the folder, but when I login at a different computer with my own user account, I can see the folder and files but am unable to open them.
How do I generate a public/private key pair, encrypt the folder with it, and then publish the key/certificate to Active Directory so that all users in my security group have the key and can decrypt files in the shared folder?