EFS recovery policy contains invalid recovery certificate..

Discussion in 'Security Software' started by capricorn, Aug 11, 2004.

  1. capricorn

    capricorn Guest

    I've a problem aboute EFS.. I have Win2003 Adv. Server as a DC in my
    network.. When I try to encrypte a file/folder, I get an error message:
    "Recovery policy configured for this system contains invalid recovery
    When I look at the Event Logs, I get this error:

    Event Type: Error
    Event Source: EFS
    Event Category: None
    Event ID: 6028
    Date: 11.08.2004
    Time: 17:03:23
    User: N/A
    Computer: DCCALIK
    EFS recovery policy contains invalid recovery certificate.

    For more information, see Help and Support Center at

    I search for Event ID 6028 but could not find anything about EFS..
    What should I do??

    capricorn, Aug 11, 2004
    1. Advertisements

  2. capricorn

    Miha Pihler Guest


    Somewhere in your domain (or OU policy) you have a recovery agent
    certificate defined that expired. You can have multiple recovery agent
    defined at multiple levels. If anyone of them expire users are prohibited
    from using EFS.

    Recovery agents are defined here:

    Open group policy at appropriate level (OU, domain, ...) and under Computer
    Configuration expand Windows Settings > Security Settings > Public Key
    Policies > Encrypting File System.

    Miha Pihler, Aug 11, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.