EFS Encrypted sub folders not coming back when using hardlinking to Win7
Hi, I'm using hardlinking with USMT 4 via SCCM OSD. We have discovered an issue where users are reporting that not all folders are coming back. Specifically, it appears encrypted subfolders do not make it back with loadstate.

Here is my OSDMigrateAdditionalCaptureOptions variable:

/nocompress /hardlink /uel:60

I tried to look at things like /efs:hardlink, but that tells me /efs:copyraw is already used as a default with USMT 4.0.

I have a few options, it appears:
1) Try and find scanstate variables that will help me.
2) Try and find loadstate variables that will help me.
3) Try and decrypt encrypted folders as part of my task sequence.

If anyone has any suggestions for 1 or 2, please let me know.

In regards to 3, I'm not very versed with much usage on EFS, but I learned a ton today. I have the recovery cert in my possession, but it really does no good to me to manually pop it into my user store. Nor does it do any good to try and use certutil if I don't know where I should be putting it with a batch file.

Essentially, I am looking to have a batch file that:
certutil to place the recovery cert into a system account store
to run cipher /d /i /s:"c"
certutil remove cert

My issues seem that everything I read about EFS has to do with manually popping something into a user store to do recovery. From an enterprise perspective, if I'm re-imaging a whole bunch of machines every night, I should be able to have an ability to decrypt folders with the key under system context in a batch file. You would think that is possible?

Anyone who has experienced the vanishing encrypted subfolders with hardlinking, please comment!
June 11th, 2012 9:50am

Can you post your task sequence, please?
June 11th, 2012 9:52am

I'll give you the scanstate and the loadstate, and we can go from there.

Machines have EFS encryption on their Vista user profiles.

Scanstate defaults with SCCM, with OSDMigrateAdditionalCaptureOptions set at:

/nocompress /hardlink /uel:60

Looks like all data in c:\usmt (data store) is there after scanstate.

Loadstate is:

\\servername\loadstate.exe c:\usmt /i:\\servername\smspkgd$\pkgname\amd64\migapp.xml /i:\\servername\smspkgd$\pkgname\amd64\migdocs.xml /lac /c /nocompress /hardlink /ui:domainname\* /ue:%computername%\* /l:c:\%computername%.log

Also tried these variables thus far with the same issues, where encrypted folders do not bring back subfolders.

\\servername\loadstate.exe c:\usmt /i:\\servername\smspkgd$\pkgname\amd64\migapp.xml /i:\\servername\smspkgd$\pkgname\amd64\migdocs.xml /lac /lae /c /nocompress /hardlink /ui:domainname\* /ue:%computername%\* /l:c:\%computername%.log

\\servername\loadstate.exe c:\usmt /i:\\servername\smspkgd$\pkgname\amd64\migapp.xml /i:\\servername\smspkgd$\pkgname\amd64\migdocs.xml /c /nocompress /hardlink /ui:domainname\* /ue:%computername%\* /l:c:\%computername%.log

\\servername\loadstate.exe c:\usmt /i:\\servername\smspkgd$\pkgname\amd64\migapp.xml /i:\\servername\smspkgd$\pkgname\amd64\migdocs.xml /c /hardlink /nocompress /ui:domainname\* /ue:%computername%\* /l:c:\%computername%.log

I have removed servers and domains from the post for obvious reasons.
June 12th, 2012 4:32pm

This topic is archived. No further replies will be accepted.
