"Access Denied" when synchronizing offline files

A colleague of mine complained that he was getting an "Access Denied" message while synchronizing his folder-redirected offline files on his Windows 7 laptop, which had the option for encrypting the offline files cache enabled. On his Windows 8.1 desktop workstation, where the option for encrypting the offline files cache was disabled, he could synchronize the folder-redirected offline files successfully.
The reason for this strange behavior is that Windows uses native EFS to encrypt the offline files cache. For testing purposes he also tried to encrypt a folder on an NTFS file system, but he was unable to do that, so it was easy to guess that EFS was not working as it should. After checking the Data Recovery Agent in Computer Configuration\Windows Settings\Public Key Policies\Encrypting File System in the Default Domain GPO, I noticed that the default self-signed Administrator certificate for the EFS data recovery agent had expired.
Deleting the expired certificate, generating a new EFS data recovery certificate and importing it into the Default Domain GPO solved all the problems. The new Data Recovery Agent certificate can be self-signed and generated with cipher /r:cert_file_name, or, if there is a Microsoft CA in the organization, the EFS recovery agent certificate template can be used.
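To catch an expired recovery agent certificate before it breaks EFS again, the certificate can be checked from a script. The following PowerShell function is an example added here, not part of the original post; the function name, the -WarnDays threshold and the file path are assumptions, and the path stands for the .cer file exported from the GPO or written by cipher /r:cert_file_name.

```powershell
# Added example: report the validity of an exported EFS data recovery agent
# (DRA) certificate. Function name, parameters and the sample path are assumptions.
function Test-EfsRecoveryCertificate {
    param(
        [Parameter(Mandatory = $true)][string]$Path,  # .cer file of the DRA certificate
        [int]$WarnDays = 60                           # assumed warning threshold
    )

    # OID of the "File Recovery" enhanced key usage carried by DRA certificates.
    $fileRecoveryOid = '1.3.6.1.4.1.311.10.3.4.1'

    $full = (Resolve-Path -LiteralPath $Path).ProviderPath
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $full

    # Collect the EKU OIDs, if the extension is present at all.
    $ekuOids = @()
    foreach ($ext in $cert.Extensions) {
        if ($ext -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]) {
            foreach ($oid in $ext.EnhancedKeyUsages) { $ekuOids += $oid.Value }
        }
    }

    # NotBefore/NotAfter are returned in local time, so compare with local time.
    $now      = Get-Date
    $daysLeft = [int][math]::Floor(($cert.NotAfter - $now).TotalDays)
    if     ($now -lt $cert.NotBefore) { $status = 'NotYetValid' }
    elseif ($now -gt $cert.NotAfter)  { $status = 'Expired' }
    elseif ($daysLeft -le $WarnDays)  { $status = 'ExpiringSoon' }
    else                              { $status = 'Valid' }

    New-Object PSObject -Property @{
        Subject            = $cert.Subject
        Thumbprint         = $cert.Thumbprint
        NotBefore          = $cert.NotBefore
        NotAfter           = $cert.NotAfter
        DaysLeft           = $daysLeft
        HasFileRecoveryEku = ($ekuOids -contains $fileRecoveryOid)
        Status             = $status
    }
}

# Placeholder path: the .cer produced by "cipher /r:cert_file_name".
Test-EfsRecoveryCertificate -Path .\cert_file_name.cer | Format-List
```

A Status of Expired matches the failure described above; a certificate without the File Recovery EKU is not usable as a recovery agent certificate even if its dates are valid.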
 
