EFS recovery policy contains invalid recovery certificate..

Discussion in 'Security Software' started by capricorn, Aug 11, 2004.

  1. capricorn

    capricorn Guest

    Hi,
    I've a problem aboute EFS.. I have Win2003 Adv. Server as a DC in my
    network.. When I try to encrypte a file/folder, I get an error message:
    "Recovery policy configured for this system contains invalid recovery
    certificate".
    When I look at the Event Logs, I get this error:

    Event Type: Error
    Event Source: EFS
    Event Category: None
    Event ID: 6028
    Date: 11.08.2004
    Time: 17:03:23
    User: N/A
    Computer: DCCALIK
    Description:
    EFS recovery policy contains invalid recovery certificate.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.



    I search for Event ID 6028 but could not find anything about EFS..
    What should I do??

    Capricorn
     
    capricorn, Aug 11, 2004
    #1
    1. Advertisements

  2. capricorn

    Miha Pihler Guest

    Hi,

    Somewhere in your domain (or OU policy) you have a recovery agent
    certificate defined that expired. You can have multiple recovery agent
    defined at multiple levels. If anyone of them expire users are prohibited
    from using EFS.

    Recovery agents are defined here:

    Open group policy at appropriate level (OU, domain, ...) and under Computer
    Configuration expand Windows Settings > Security Settings > Public Key
    Policies > Encrypting File System.

    Mike
     
    Miha Pihler, Aug 11, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.