How to define in the recovery policy a recovery certificate for a certain encrypted file (with EFS...) ?
Hello, If I have a recovery certificate for my encrypted files with EFS, and the old certificate and private key are expired and lost too - How can I actually to open the recovery policy and defining there that certain recovery certificate for my encrypted file/s - so I will then be able to update my file/s with this new certificate and then recover them???
January 25th, 2008 3:03am

Hi, Please refer to the following article for detailed steps: Create a recovery certificate for encrypted files http://windowshelp.microsoft.com/Windows/en-US/Help/90cdd1fe-9cbb-4adc-bccf-7d613425e15e1033.mspx#E2F Hope it helps. Sincerely, Joson Zhou Microsoft Online Community Support
Free Windows Admin Tool Kit Click here and download it now
January 28th, 2008 6:42am

All steps detailed at this article have been completed as exactly it says, but when I do right click on one of the encrypted files and choose properties, and then at the general tab I press Advanced, and then I press on Details next to the line "Encrypt contents to secure data" - I then get a new dialog box, and at the section under "Recovery Certificates for this file as defined by recovery policy" - there is no one single recovery certificate listed there. In addition,under the section "Users who can access this file" I do see my old certificate listed there with my user name and old Certificate Thumbprint (a certificate which has already expired, and I don't have it anymore installed, and I can't import it back because it is one of the encrypted files along side with the private key...). In addition, how can we open the recovery policy editor, what command open it, or in which of the Management Consoles or any type of component in Windows can it be found?? Maybe the specific recovery certificate can be assigned to the specific encrypted file in the recovery policy editor... Best Regards,Michel Korn.
January 28th, 2008 3:37pm

Hi Michel Korn, As this thread is duplicated with the thread http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=2730124&SiteID=17, I would like tochange theissue typeofit as Comment and continue our discussion in the other one. Thank you for your understanding. Sincerely, Joson Zhou Microsoft Online Community Support
Free Windows Admin Tool Kit Click here and download it now
February 1st, 2008 1:13pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics