Re: EFS Recovery Agents

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "S.Sengupta" <ssengupta_@xxxxxxx>
Date: Sat, 30 Apr 2005 17:29:19 +0530

This happens if the Encrypting File System (EFS) recovery policy implemented on this computer contains one or more EFS recovery agent certificates that have expired. These certificates cannot be used.

Either renew the existing certificates or generate new certificates for the EFS recovery agents and reapply the recovery agent policy with those certificates.

regards,
ssg MS-MVP

Stiltripin wrote:

Running Windows XP SP2 in a active domain network. When domain users attempt to encrypt a local folder they receive the following error: "An error occured applying attributes to the file: C:\{local folder} Recovery policy configured for this system contains invalid recovery certificate".

When I go to the Domain Security Policy | Encrypted Data Recovery Agents it shows a certificate that expired 4/12/05. I'm unable to renew the certificate and can not create a new agent.

How do I resolve this issue?

References:
- EFS Recovery Agents
  - From: Stiltripin

Prev by Date: Re: What is i42pefrp.exe ??
Next by Date: Re: What is i42pefrp.exe ??
Previous by thread: EFS Recovery Agents
Next by thread: OLD AND NEW DVD PLAYERS
Index(es):
- Date
- Thread

Relevant Pages

Re: EFS (Encrypting File System) - Unable to define Recovery Agent
... > I have recently just installed Win XP Pro. ... > setting up a recovery agent and/or to export the existing default recovery ... > I attempted to use certificates snap in to create a recovery ... to create the DRA cert and key - best done while logged in as ...
(microsoft.public.windowsxp.security_admin)
Re: Certificate Templates - Should I delete any?
... > We are planning to deploy EFS. ... Delete alle other Templates from this folder. ... > automatically begin to issue certificates to workstations & domain ... Enroll the "recovery agent" and later deltete this template from policy ...
(microsoft.public.win2000.security)
Re: EFS Recovery Agents
... implemented on this computer contains one or more EFS recovery agent certificates that have expired. ... Either renew the existing certificates or generate new certificates for the EFS recovery agents and reapply the recovery agent policy with those certificates. ... How To Encrypt a Folder in Windows XP ... How To Remove File Encryption in Windows XP ...
(microsoft.public.windowsxp.general)
Re: ENCRYPTED DATA RECOVERY
... The certificates can not be recreated. ... The Recovery Agent needs to be designated beforehand. ... If it is an Ownership issue and not an encryption issue, ... I had made the decision to do a clean install of XP on ...
(microsoft.public.windowsxp.security_admin)
Re: Backing up Encryption Certificate
... EFS certificates are exported, imported, and removed ... by use of the Certificates MMC snapin. ... Designation of an EFS recovery agent in the local ...
(microsoft.public.windowsxp.security_admin)