I'm running Windows 2003 SP2 with an Enterprise Root CA and have 4 Recovery agents configured. However, when I check my encrypt files and do a efsinfo /r it says no recovery agent. Can someone tell me why it may be saying this. I did a gpupdate /force. I also did cipher /u however, I haven't seen a recovery agent registered yet.

Hi Lab_Tech, How did you configure the recovery agent? Is it the domain based recovery agent or local based recovery agent? If you create the domain based recovery agent, EFS recovery agent certificates must be published in Active Directory. However, because the default EFS file recovery certificate template does not publish these certificates, you need to create a template that does so. To do this, in the Certificate Templates snap-in, copy the default EFS file recovery certificate template to create a new template, right click the new template, choose Properties, and, on the General tab of the Properties dialog box for the copied certificate, and select the Publish certificate in Active Directory check box. For more information on EFS, please refer to the article below. Protecting Data by Using EFS to Encrypt Hard Drives http://technet.microsoft.com/en-us/library/cc875821.aspx Regards, Karen JiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. This posting is provided "AS IS" with no warranties, and confers no rights.

Morning Karen, My recovery agents are all domain based. I did create the recovery agent certificates template and published it into active directory. I set myself and 2 other administrators for autoenroll and the others adminstrators to enroll. I can see my recovery agent listed in "Published Certificates" for my AD properties as well as it's installed on my computer. Thanks for the document, however, I had read that before. Any other thoughts? Is there a log file I can look at to see what maybe going wrong here? Thanks for your assistance so far

Hi Karen, I decided to further test this issue it seems I am only affected on my Windows 7 workstation. All other computers are ok. When I do an efsinfo /r I can see the recovery agents listed. Let's consider this issue closed as I prevented my computer from applying the default domain group policy and I'm sure now that is the reason why I cannot see the recovery agents. For anyone who may have had a similar situation, I suggest you verify that you are not preventing the computer having the problem from applying the group policy where the efsrecovery agent is located. Thanks for your assistance Karen