Re: Can no longer encrypt files

From: Drew Cooper [MSFT] (dcoop_at_online.microsoft.com)
Date: 01/08/04


Date: Wed, 7 Jan 2004 15:04:18 -0800

Yup - that explains the decision in part. RAs also don't make a lot of
sense for stand-alone machines - probably only one user anyway. RAs make
more sense in domains in a larger org.

-- 
Drew Cooper [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
"Star Fleet Admiral Q" <Star_Fleet_Admiral_Q(NOSPAM)@(SPAMNOT)hotmail.com>
wrote in message news:eC4BsSM1DHA.1744@TK2MSFTNGP12.phx.gbl...
>     It is saying the certificate for the "Recovery Agent" is invalid, not
> the actual account doing the Encryption.  If on a domain, when running
> Win2k, the designated recovery agent was the default "Domain Admin"; on WinXP
> there is no designated recovery agent, unless on a Win2k3 domain, which I
> believe requires you to designate a recovery agent.
>     I believe all the Hoopla about files getting encrypted and then the
> encryption key certificate gets corrupted and/or destroyed (due to reformat
> and install on the workstation) and no recovery agent was designated
> prompted these changes.
> "Mike" <anonymous@discussions.microsoft.com> wrote in message
> news:28983D92-BC2F-4D75-8005-A72CD921FE54@microsoft.com...
> > I have a user using EFS to protect some sensitive information on a shared
> > drive. This was working fine until the account password expired and was
> > changed. The user reported that they could open the files, but could not
> > save changes. I had the user remove the encryption from all folders, which
> > was successful and they could again modify the files. We then tried to
> > encrypt the files again, but an error box is displayed stating "The Recovery
> > Policy configured for this system contains an invalid recovery
> > certificate." I deleted their certificate, and tried to encrypt the files
> > again with the same result.
> >
> > The client computer is running XP Professional, the share is on a Windows
> > Server 2003 server, and the user account is an Active Directory account. Any
> > input is appreciated.
> >
> > Mike