Article ID: 221997 - Last Review: October 20, 2013 - Revision: 4.1
Cannot Gain Access to Previously Encrypted Files on Windows 2000
This article was previously published under Q221997
This article has been archived. It is offered "as is" and will no longer be updated.
When you join a domain and log on with a domain account, you may not be able to gain access to files previously encrypted with the Encrypting File Service (EFS).
To gain access to files encrypted under a local user context, you must log on with that local account and then decrypt the files.
Windows 2000 includes the ability encrypt files and folders with a new, CryptoAPI-based service known as EFS. Files and folders that have been configured to use EFS are completely undecipherable except to the user who originally encrypted them.
Folders themselves are not encrypted, but are marked so that files created in them will be encrypted. The user who created the file might not be the only user who can decrypt the file. All recovery agents can also decrypt the file.
NOTE: You can import keys. It is possible for a local account to import the key of a domain account and have access.
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional Edition
|kbnosurvey kbarchive kbinfo KB221997|