Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Encryption of offline data storage using KOFF (data security question)

Messages: 6
Karma: 0
Send a private message to this user
Hello, all.

I am trying to find a way to move or encrypt the Store.FDB files for KOFF. Currently, there is no method by which the store file can be moved. My security policies require any mail storage on mobile devices be encrypted.

The preferred state would be to have Store.FDB on a Cryptainer or TrueCrypt volume, but I would accept folder-level encryption of the directory where the .FDB files are kept if anyone has recommendations. Cost is a factor here - I'm trying not to add significant expense to solve this problem.

I have tried using Junction to remap to a secure volume, but cannot make it work. Has anyone successfully used this method, and if so, what syntax did you use to create the junction?

Thanks for any help or guidance you can provide.

[Updated on: Fri, 29 May 2009 18:00]


Messages: 471
Karma: 0
Send a private message to this user
EFS, BitLocker, etc

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users

Messages: 6
Karma: 0
Send a private message to this user
Thanks for the reply. I had already thought of that, but did not want to take that route. The preferred method was to have the data reside on a secure volume.

For what it's worth, I just did finally figure out what I did wrong using Junction. My problem was with the command syntax and pre-populating the junction folder.

The steps I took to make this work are as follows:

    Assumption1: You have installed KOFF and have created a profile in Outlook
    Assumption2: You have a secure volume with a drive letter associated
    Assumption3: You have installed Junction on your PC

-Access C:\Documents and Settings\[USER PROFILE]\Local Settings\Application Data\Kerio and move that entire directory to the root of your secure drive. This will be your "junction target".

-In C:\Documents and Settings\[USER PROFILE]\Local Settings\Application Data\, create an empty directory named "Kerio". This will be your "junction directory".

-Open a command window and browse to the directory where "Junction.exe" exists. Enter the following command:

junction C:\Docume~1\[USER PROFILE]\Locals~1\Applic~1\Kerio [secure drive letter]:\Kerio

Note that in the above command, it is necessary to enter the directory names in MS-DOS-compatible (short) file name format - long file names are not supported. This is what was tripping me up when I tried to set up the junction initially. Also note that there is a space between the junction directory and target directory entries.

This worked for me and now my Kerio offline data is encrypted.

Hope this helps anyone else trying to do the same.
Previous Topic: GAL , and switching domain Public Folder settings, questions.
Next Topic: 6.7.0 GAL E-mail address incorrect if OD LDAP user had multiple UIDs
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 22:55:21 CET 2017

Total time taken to generate the page: 0.00421 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.