RE: My Documents inaccessible when Offline Files are encrypted in Vista through GPO



Hello Daniel,

Thank you for posting here.

According to your description, I understand that:

You receive the Access Denied error when you attempt to access a new
file in the redirected My Documents folder.

If I have misunderstood the problem, please don't hesitate to let me know.

Suggestions:
======================
Yes, as you mentioned, when you encrypt the Offline folders, EFS is used to
encrypt the local CSC for offline folders. EFS needs a user certificate
with a private key for encryption and decryption. Typically, the issue may
result from an expired EFS certificate. To isolate the issue, please check:

1. On the SBS server, run "gpmc.msc" to open Group Policy Management.
2. Locate the certificate for that user in Default Domain
Policy--->Computer Configuration--->Windows Settings--->Security
Settings--->Public Key Policies--->Encrypting File System.
3. Double-click the certificate to verify whether the certificate has
expired or not.
4. If the certificate has expired, manually delete the old one, enroll a
new EFS certificate and add the new one to the Encrypting File System container.
5. Then log off the problematic client and log in again to check how it
works.

If the issue persists, please answer the following questions for further
investigation:

1. Please make sure the EFS certificate has not expired on the client
computer. In other words, I'd like to know when the issue on the Windows
Vista client began to happen. Did it use to work well? If the issue
happens exactly after you set offline files to be encrypted, I would like to
suggest that you check whether the EFS certificate for that user is properly
enrolled.

2. Does the issue only happen on this particular Windows Vista client? Or
does the issue persist on a specific user account? Will the issue happen if
a problematic user account logs onto a Windows XP client?

3. Does the issue only happen on new documents? Can you access/modify other
files and folders (other than those newly added)?

Hope it helps. If you have any questions or concerns, please do not
hesitate to let me know.



Best regards,
Miles Li

Microsoft Online Partner Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
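
One way to run the client-side check from question 1 above, as an added example that is not part of the original post. It assumes PowerShell 2.0 or later is installed on the client and that it is run in the affected user's session; reading the in-use thumbprint from the `CertificateHash` value under `EFS\CurrentKeys` is also an assumption of this example.

```powershell
# Added example: audit the logged-on user's EFS certificates on the client.
# Run as the affected user; assumes PowerShell 2.0 or later is installed.
$efsOid = '1.3.6.1.4.1.311.10.3.4'   # Encrypting File System EKU
$now    = Get-Date

# Thumbprint of the certificate EFS currently uses for this user. Assumption:
# the value is absent if the user has never encrypted anything on this machine.
$keyPath = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys'
$current = $null
$prop = Get-ItemProperty -Path $keyPath -Name CertificateHash -ErrorAction SilentlyContinue
if ($prop) {
    $current = ($prop.CertificateHash | ForEach-Object { $_.ToString('X2') }) -join ''
}

# Keep only certificates whose Enhanced Key Usage lists the EFS OID.
$efsCerts = @(Get-ChildItem Cert:\CurrentUser\My | Where-Object {
    $oids = $_.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $_.Value }
    @($oids) -contains $efsOid
})

# Classify each certificate; expiry takes precedence over the other states.
$report = $efsCerts | ForEach-Object {
    $status = 'OK'
    if (-not $_.HasPrivateKey) { $status = 'NoPrivateKey' }
    if ($_.NotBefore -gt $now) { $status = 'NotYetValid' }
    if ($_.NotAfter  -lt $now) { $status = 'Expired' }
    New-Object PSObject -Property @{
        Thumbprint = $_.Thumbprint
        NotAfter   = $_.NotAfter
        PrivateKey = $_.HasPrivateKey
        InUseByEfs = ($_.Thumbprint -eq $current)
        Status     = $status
    }
}
$report | Select-Object Thumbprint, NotAfter, PrivateKey, InUseByEfs, Status | Format-Table -AutoSize

if ($efsCerts.Count -eq 0) {
    Write-Warning 'No EFS certificate is enrolled for this user on this client.'
} elseif ($current -and -not ($efsCerts | Where-Object { $_.Thumbprint -eq $current })) {
    Write-Warning "EFS is configured for $current, which is not in the user store."
} elseif ($report | Where-Object { $_.InUseByEfs -and $_.Status -ne 'OK' }) {
    Write-Warning 'The certificate EFS is using is expired or unusable; enroll a new one.'
}
```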

