Vista and Encrypted offline files
Hello all. I have a problem with Windows Vista and encrypted offline files. When I set a shared folder offline and encryption is off everything works perfectly. When I turn on encryption for offline files the files are no longer accessible and won't sync. Every file that the OS tries to sync gets an "access denied" error. If the PC is offline and I try to access a cached file it returns an access denied error.Some background: We have a Windows 2003 server domain and the PC I have been testing with has a fresh install of Windows Vista SP1 (32bit) and nothing is loaded but the OS. I have performed the same testing on Vista 64bit and Windows7 but got the same results. All of the test PC's were joined to our domain.In every scenario I have worked success comes down to whether offline file encryption is on or off. I have tried setting folders as offline from shares on 2003 server, 2008 server, 2008 R2 server and from peer workstations.If I set a new folder to offline and encryption is off every file is properly synced. If encryption is on every file gets an access denied message. If a folder is already cached offline with encryption off and I turn encryption on the unencrypted files are still available locally but unable to sync (with network connected). I can create an empty doc but get an access denied error if I try to edit it. If I disconnect from the network then all attempts to access the cached files result in an access denied error. The offline files event logs don't add any value here as, at best, they simply note that "access was denied", etc.I have found others who have had similar issues going back as far as 2007 but none seemed to have found an answer.Does anyone have any suggestions as to what might be causing this? If I can't get encryption working for offline files then I will not be able to use it so I can't just disable encryption.Sorry for being so verbose and thanks in advance.Shaun
February 27th, 2009 10:29pm

Hi Shaun, Thank you for posting. Based on my research, I would like to suggest the following: 1. Please check the following Group Policy settings on the Windows Vista computer: Please ensure both the following keys are enabled Computer Configuration \ Administrative Templates \ Network \ Offline Files \ Encrypt offline files cache Computer Configuration \ Windows Settings \ Security Settings \ Public Key Policies \ Encrypting File System \ Allow users to encrypt files using Encrypting File System (EFS) Disabled 2. Please Check EFS Recovery Agent Certificate is enabled and not expired in default domain policy, and also double confirm if the EFS certificate has expired on both the server side and client side. 3. You can also try to re-register the CSCUI.DLL by running the following with a elevated command prompt: REGSVR32 /S CSCUI.DLL 4. Please check if all the files cannot be accessed of just part of them. Does the issue only happen on new documents? If the issue persists, please check if there any EFS related error appeared. Hope this helps.Nicholas Li - MSFT
Free Windows Admin Tool Kit Click here and download it now
March 3rd, 2009 3:13pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics