EFS Certificate Configuration Updater

Enable the tool to replace actively-used cert with another issued from the same CA & cert template (pvt key compromise scenario)

User lalkin requests: "I'd like to be able to use this tool to change the actively used cert but both certs have been issued by the same CA and use the same template." "I'm working on designing wor...

Vista: UAC elevation reportedly occurs at some point during execution of the tool

User lalkin reports: "First, this tool seems to require admin access in Vista (it activates the UAC). That prevents a non-admin from using the tool." Firstly, I should add additional trace logging...

Examine these CryptoAPI p/invoke extension samples for any useful functionality

http://msdn2.microsoft.com/en-us/library/ms867087.aspx

Rename/refactor the Certs namespaces & app-specific namespace

Currently, the CertificateFunctions and EFSCertificateFunctions classes - they're currently members of the ParanoidMike namespace. I'd like them to work more like: namespace ParanoidMike.Certific...

Migrate the command-line parameter functionality to Codeplex' Command Line Parser Library

I don't like the way the CommandLine library (Peter Hallam, Microsoft) works, and it has a lot of FxCop violations (and is very disorganized).  I'm inclined to clean this up, but since it's not bei...

Log whether the "do not enroll self-signed certs" feature has been enabled

On Windows XP SP3, Windows Vista, Windows 2008 and beyond, there is a setting that allows an Administrator to prevent any future enrollment of self-signed EFS certificates.  This is enabled through...

Migrate the Usage strings from DisplayUsage() to the Arguments/CommandLine classes

Specific Trace Logging additions

Add Trace Logging for the following events/findings: - the current EFS CertificateHash (what's found before updating) - if no CertificateHash value was found - any exceptions that were encountered ...

Investigate whether all these Assembly permissions are necessary

When looking at the Project Properties, the Security tab showed green checkmarks for all these permissions, as if they would be required if this app were released as a "partial trust application": ...

Encapsulate the "CertHash value update state" in the EFSCertFunctions class - expose it as "UpdateUserEfsConfig"

I think there's too close a dependency between the Main() function and knowledge that the EFS CertHash is what needs to be manipulated to successfully "update the EFS Configuration" when a new EFS ...