Re: EFS RA works on an OU but not when the same GPO is linked to the domain root
- From: "kcsteele" <k.c.steele@xxxxxxxxx>
- Date: 27 Jul 2006 11:05:05 -0700
kcsteele wrote:
I created a GPO for an EFS Recovery Agent and added the appropriate
public key to the GPO. The GPO was linked to a test OU. User on a
machine in that OU encrypted some files. I was able to successfully
access the files w/ the defined Recovery Agent.
I then unlinked this GPO from the test OU and linked it to the domain
root. No longer can the Recovery Agent access files that have been
encrypted, even ones where the encryption has been updated.
I have the private key for the Recovery Agent in the Recovery Agent's
profile on the machine w/ the encrypted files. I also ran gpresult
which shows that the Recovery Agent GPO (from the domain root) has been
applied.
Anyone know why this might be happening?
Well for some reason it only worked when I added the RA to the Default
Domain Policy.
Anyone have an explanation as to why this happens?
.
- References:
- Prev by Date: Change Directory to Point to Another Server?
- Next by Date: Best way to set up network ID from mirrored PC..
- Previous by thread: EFS RA works on an OU but not when the same GPO is linked to the domain root
- Next by thread: VSS Error 0x80042306 - Losing all VSS Copies / not NTBackup runnin
- Index(es):
Relevant Pages
|
