DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 221997 - Last Review: October 20, 2013 - Revision: 4.1

This article was previously published under Q221997
This article has been archived. It is offered "as is" and will no longer be updated.

SUMMARY

When you join a domain and log on with a domain account, you may not be able to gain access to files previously encrypted with the Encrypting File Service (EFS).

To gain access to files encrypted under a local user context, you must log on with that local account and then decrypt the files.

MORE INFORMATION

Windows 2000 includes the ability encrypt files and folders with a new, CryptoAPI-based service known as EFS. Files and folders that have been configured to use EFS are completely undecipherable except to the user who originally encrypted them.

Folders themselves are not encrypted, but are marked so that files created in them will be encrypted. The user who created the file might not be the only user who can decrypt the file. All recovery agents can also decrypt the file.

NOTE: You can import keys. It is possible for a local account to import the key of a domain account and have access.

APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Professional Edition
Keywords: 
kbnosurvey kbarchive kbinfo KB221997
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support