Storing EFS-encrypted files on WebDAV servers problem...
I have a problem that I think is a bug that Windows Vista SP1 has. The following is the problematic scenario:

Suppose I have a domain named Contoso.com and I have installed an Enterprise CA on my first Domain Controller, and I have two PCs: Windows XP Professional with SP3 and Windows Vista SP1, and I have a member server with Windows Server 2003 R2 with SP2.

Also suppose I want to use EFS on my network, so I have created a Web Folder (WebDAV) on my Windows Server 2003 member server.

I have two users in this scenario: User-1 and User-2. User-1 uses the Windows XP machine and User-2 uses the Windows Vista machine.

User-1 encrypts a .doc file on his computer by using the Basic EFS template, then adds User-2's certificate to this file (to share the file with User-2), and then copies the file to the Web Folder on the member server.

Also, User-2 encrypts a .doc file on his computer by using the Basic EFS template, then adds User-1's certificate to this file (to share the file with User-1), and then copies the file to the Web Folder on the member server.

Now, User-2 can successfully open User-1's file that is in the Web Folder, but User-1 cannot read User-2's file...

After some troubleshooting steps, I realized that when User-2 copies his encrypted file to the Web Folder, the User-1 entry in the "Encryption Details For" window is automatically deleted, so User-1 cannot open and read the file. Why?

As I said before, Windows XP does not have this problem.

-Reza
September 24th, 2008 7:22pm

Hi Reza,

In order to know the root cause, let's make some tests.

1. In Windows Vista, please create a folder, create and encrypt a document and add the User-1 certificate for it. Then, share this folder on the network, and then try to access the document from your Windows XP computer. Does the issue occur? Then please log on to the Windows Server 2003 member server with the account User-1, and access the document that is shared on Windows Vista. Does the issue still occur? If the issue occurs, please check if the certification for User-1 is still present (in the "Encryption Details For" window).

2. Copy the EFS encrypted files from a local folder to a normal shared folder on the file server (instead of the WebDAV folder) to see how it works.

3. Copy the EFS encrypted files from a local folder to another local folder on the same Windows Vista computer and then check how it works.

4. Please create another domain account. Please add User-3 as a certificated account for the encrypted document, and copy the document onto the Web Folder. Please let me know if User-3 can access this folder.

5. Please let me know, in your original scenario and the second step, if you would access the folder with User-1 on the Windows Vista computer.

Also please use EFSINFO to extract information about the files.

Download details: Windows 2000 Resource Kit Tool : Encrypted File Info (efsinfo.exe)
http://www.microsoft.com/downloads/details.aspx?FamilyID=9c70306d-0ef3-4b0c-ab61-81da208f5c47&DisplayLang=en

Using Efsinfo.exe to determine information about encrypted files
http://support.microsoft.com/kb/243026

Please use the Efsinfo.exe tool to determine the users who can decrypt the encrypted file and who is the recovery agent for it:

efsinfo /r /c /u Path\FileName >C:\efsinfo1.txt

Please run the above command for the problematic file and the C:\test001.txt file if it works correctly.

We need to note that EFS on Windows Vista is different from that in Windows XP and Windows Server 2003.

Error message when you try to open an EFS-encrypted file in Windows XP or in Windows Server 2003 after the file has been opened in Windows Vista: "Access is denied"
http://support.microsoft.com/kb/939391

Please confirm if the Windows Vista has Service Pack 1. Please click Start. In the Start Search box type "winver" and press Enter. Please check if the system version is Service Pack 1.
September 26th, 2008 2:39pm
