There is no encryption recovery policy configured for this system

I am running a 2003 AD. I defined an EFS policy at the domain level.
DRAs were successfully imported. I am able to encrypt folders & files
on XP & 2003 servers with no problem. EFSinfo shows the correct info
on XP & 2003. However, I am not able at all to encrypt files & folders
on 2000 workstations & servers. When I try to do so, I get the
following error message:

=============================================================
Error Applying Attributes
An error occurred applying attributes to the file:

file name

There is no encryption recovery policy configured for this system.
==============================================================

All of the 2000 systems are in the same domain as the XP & 2003. I can
see the DRA certificates in the 2000 registry (Software\Policies
\Microsoft\SystemCertificates\EFS\Certificates). GPresult shows the
correct settings


Is there a reason why EFS is failing on the 2000 systems? Your help is
appreciated.

.

Relevant Pages

  • Re: StartService() API and encrypted file systems.
    ... But users have full freedom to encrypt folders. ... A product that is to or can be run as a NT Service, need to take it into account - at least be in its KB or FAQ. ... 'transparent' privilege to access it, ...
    (microsoft.public.win32.programmer.kernel)
  • Encrypt profile directory
    ... I have EFS ready to roll-out to a few laptops (with proper backups and DRAs) and am wondering how safe is it to encrypt the user's entire profile directory? ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Folder Encrypton
    ... > In attempting to encrypt folders in XP (file prop., ... compress or encrypt attributes) the check box to ...
    (microsoft.public.windowsxp.security_admin)
  • Folder Encrypton
    ... In attempting to encrypt folders in XP (file prop., ... compress or encrypt attributes) the check box to ...
    (microsoft.public.windowsxp.security_admin)