+ Post New Thread
Results 1 to 1 of 1
Windows Server 2008 R2 Thread, Offline File Encryption - outdated cert in Technical; Two days wasted on this! Apparantly someone before me upgraded one of the DCs from 2003 to 2008 R2, but ...
  1. #1
    Trapper's Avatar
    Join Date
    Apr 2007
    Thank Post
    Thanked 153 Times in 123 Posts
    Rep Power

    Offline File Encryption - outdated cert

    Two days wasted on this!

    Apparantly someone before me upgraded one of the DCs from 2003 to 2008 R2, but left the second exisiting one as 2003. From what I've read offline file encryption in XP uses a local admin account (with cert) as the decryption manager. With Win 7 it's all in Group Policy.

    In 2003 a cert was issued in AD to the Administrator account for encryption. I assume on XP it was for the high level crypto stuff. This cert was only issued for a couple of years. Mine expired in 2009.

    As it turns out of the cert has expired Win 7 starts to offline your files, then gets access denied for all users on that laptop unless your format the CSC cache and turn sync off. Even if your connected to the network, as it's still reading from the CSC cache which is encrypted, which it can't read as the cert is out of date!

    Two days of head scratching later finally figure out. You have to delete the existing cert in GPO, then create a new one. 2008 R2 issues a 100 year cert. After that it all works.

    They don't pay me enough for this crap
    Last edited by Trapper; 17th May 2012 at 10:59 PM.

+ Post New Thread

Similar Threads

  1. Encrypt Offline Files
    By HCC in forum Windows 7
    Replies: 1
    Last Post: 17th August 2010, 05:14 PM
  2. EFS encryption of XP offline files
    By robk in forum Windows
    Replies: 3
    Last Post: 25th November 2009, 09:49 PM
  3. Recover Offline Files
    By thom in forum Windows
    Replies: 15
    Last Post: 16th March 2007, 01:44 PM
  4. Replies: 2
    Last Post: 13th June 2006, 09:22 PM
  5. Offline Files
    By woody in forum Windows
    Replies: 2
    Last Post: 9th December 2005, 10:52 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts