How to use EFS in AD Domain environment ?


G

Guest

My PC(XP SP2) is joined to Winsdows 2003 Active Directory.
When I tried to enable EFS, I got the following Error.

EFS recovery policy contains invalid recovery certificate.
Event ID: 6028

And then I check the group policy (gpedit.msc)
Computer Configuration\Windows Settings\Security Settings\ Public Key
Policies\Encrypted Data Recovery Agents node,
but I can not find any certificate.

Where can I find the invalid recovery certificate ?
Or, do you have any solution?
 
Ad

Advertisements

J

John Wunderlich

My PC(XP SP2) is joined to Winsdows 2003 Active Directory.
When I tried to enable EFS, I got the following Error.

EFS recovery policy contains invalid recovery certificate.
Event ID: 6028

And then I check the group policy (gpedit.msc)
Computer Configuration\Windows Settings\Security Settings\ Public
Key Policies\Encrypted Data Recovery Agents node,
but I can not find any certificate.

Where can I find the invalid recovery certificate ?
Or, do you have any solution?

Try one of these articles... they might point you to where they're
stored:

How to add an EFS recovery agent in Windows XP Professional
<http://support.microsoft.com/kb/887414/en-us>

"How to back up the recovery agent Encrypting File System (EFS)
private key in Windows Server 2003, in Windows 2000, and in Windows
XP"
<http://support.microsoft.com/kb/241201/en-us>

"Best practices for the Encrypting File System"
<http://support.microsoft.com/kb/223316/en-us>

HTH,
John
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top