EFS not working...
When I try to encrypt a file I get an error:
An error occurred applying attributes to the file:
C:\file.txt
Recovery policy configured for this system contains invalid recovery certificate.
I have looked for expired certificates in my personal cert store but there are none. Just to be safe I've deleted all of my personal certificates, rebooted and tried again - no go. What else can cause this error?
July 21st, 2010 3:01pm
I should also add that when I click on "Advanced" in attributes -> "Encrypt contents to secure data" -> "OK" -> "OK" a certificate is created in my personal store. As you can imagine it doesn't expire any time soon.
Free Windows Admin Tool Kit Click here and download it now
July 21st, 2010 3:08pm
Your Data (EFS) Recovery Agent is expired or invalid. To configure correct EFS Recovery Agent certificate see
http://technet.microsoft.com/en-us/library/cc962057.aspx
Also check out
http://support.microsoft.com/kb/223316/en-us
http://technet.microsoft.com/en-us/library/bb457065.aspx
for more information about EFS.
Martin
July 21st, 2010 3:14pm
Thanks for the links. I didn't know how EFS worked in a domain environment. My domain was created LOONG ago so the Recovery Agent located in the Default Domain Policy GPO was expired. I was able to create a new one, refresh my policy,
logout/logon and then I was able to use EFS as expected.
Free Windows Admin Tool Kit Click here and download it now
July 23rd, 2010 3:48pm