XP SP2 encryption

[Guest]

We are having issue with Windows XP SP2 encryption, when we try to encrypt a
folder we get this error message" Recovery Policy Configured for this system
cotains invalid certificate"

We also can open the files in the encrypted folder with read only access.

any idea would be appreciated.

thanks

 

[Shenan Stanley]

We are having issue with Windows XP SP2 encryption, when we try to
encrypt a folder we get this error message" Recovery Policy
Configured for this system cotains invalid certificate"

We also can open the files in the encrypted folder with read only
access.

any idea would be appreciated.

Search using Google!
http://www.google.com/
(How-to: http://www.google.com/intl/en/help/basics.html )

Using Google to search for the exact error message you gave (correcting the
typo...):
"Recovery Policy Configured for this system contains invalid certificate"

Came up with a hit I believe you may find useful:
http://technet2.microsoft.com/Windo...2b3b-483e-8f70-34c3c2b9d8021033.mspx?mfr=true

Where it states, "...When encrypting a file, a message appears: 'Recovery
policy configured for this system contains invalid recovery certificate' or
'ERROR_BAD_RECOVERY_POLICY.'

Cause: The Encrypting File System (EFS) recovery policy that is implemented
on this computer contains one or more EFS recovery agent certificates that
have expired. These certificates cannot be used.

Solution: Either renew the existing certificates or generate new
certificates for the EFS recovery agents and reapply the recovery agent
policy with those certificates. If your computer is on a domain, contact
the system administrator.

See also: Requesting certificates (
http://technet2.microsoft.com/WindowsServer/en/library/590fcc3e-c54f-48b7-95f2-45ee2255fc111033.mspx )
or Renewing certificates (
http://technet2.microsoft.com/WindowsServer/en/library/4e7a3461-a1e9-4dee-b7cb-7683f03a78241033.mspx )
.. ..."

Good Luck!

 

[Guest]

Thanks I found out after the posting

once again thanks for the quick reply.

 

[JLWarlow]

Search using Google!
http://www.google.com/
(How-to: http://www.google.com/intl/en/help/basics.html )

Using Google to search for the exact error message you gave (correcting the
typo...):
"Recovery Policy Configured for this system contains invalid certificate"

Came up with a hit I believe you may find useful:
http://technet2.microsoft.com/Windo...2b3b-483e-8f70-34c3c2b9d8021033.mspx?mfr=true

Where it states, "...When encrypting a file, a message appears: 'Recovery
policy configured for this system contains invalid recovery certificate' or
'ERROR_BAD_RECOVERY_POLICY.'

Cause: The Encrypting File System (EFS) recovery policy that is implemented
on this computer contains one or more EFS recovery agent certificates that
have expired. These certificates cannot be used.

I've seen this at 2 companies I've worked at, I think it's deliberately
done by the Sys admins to prevent users from encypting files on their
hard disks, losing their keys and then calling for help when they can't
decrypt their files. I'd have thought encryption would be a good thing
with the amount of laptops being left in taxi's/stolen from cars!