You cannot remotely access encrypted files after you upgrade a Windows Server 2003 file server to Windows Server 2008
- You have a Windows Server 2003-based file server. Or, you have a prerelease Windows Server 2008-based file server.
- This file server hosts remotely encrypted files.
- You upgrade this file server to Windows Server 2008.
When a user encrypts a file that is stored on a Windows file server, the actual encryption of the file occurs on the file server. A special user profile is created on the Windows Server 2003-based file server. This special user profile is used to create and store your Encrypting File System (EFS) encryption keys. Afterward, every time that a user accesses the encrypted files on the file server, this special profile is loaded on behalf of the user. The previously created encryption keys are used.
Note The EFS recovery Tool is not required when Windows Server 2003-based computers that have EFS files are upgraded in-place to Windows Server 2008 R2.
The following file is available for download from the Microsoft Download Center:
Download the Post Upgrade EFS Recovery Tool 1.0 package now.
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
The EFS Recovery Tool scans the Profiles directory on the upgraded server for unregistered accounts that have EFS keys. If any accounts are found, the tool creates new profiles and copies the EFS keys to these new profiles. The tool then archives the unregistered profiles into the ~efs.000 file.
How to run the EFS Recovery ToolYou must run this tool from an elevated command prompt on the server. There are two switches that you can run together with EfsUpgRecoverAccts.exe:
Detect only. Scan for unregistered profiles to recover, but do not perform any recovery.
- 0: No warnings or errors reported.
- 1: Warning(s), please review the output.
- 2: Error(s), please review the output.
- 3+: A fatal error prevented the tool from completing.
Article ID: 948690 - Last Review: 09/17/2009 21:55:36 - Revision: 2.0
- kbexpertiseinter kbtshoot kbprb KB948690