I know EFS data recovery has been discussed many times in the forums, but I could not find anything useful in the other threads. I believe I have followed all the required steps, but I still cannot get the EFS recovery agent to work.
I have a Client1 (Win 8.1) and a DC1 (Windows Server 2012 R2) in the beta.com domain.
DC1 is a CA server as well as a domain controller.
1. I logged into DC1 as beta.com\Administrator which is the Domain Administrator account.
2. I duplicated the EFS Recovery Agent template on the DC1 and published it into Active Directory.
3. Then I edited the Default Domain Policy GPO and under Computer Settings\Policies\Windows Settings\Security Settings\Public Key Policies I right clicked Encrypting File System and selected Create a Data Recovery Agent and a new file recovery certificate was generated for the Administrator account.
4. I exported the newly-created Recovery Agent certificate and then logged into Client1 as beta.com\Administrator and imported it.
5. I then logged off from Client1 and logged back in using a different account beta.com\johns and encrypted a folder (with a text file inside) using EFS. (The folder address on local disk is C:\Reports)
6. Then I logged back into Client1 again using beta.com\Administrator but I am unable to open the file inside the folder and I get an Access is denied message.
It is very strange to get an "Access is denied" message because on the text file when I right click and click Properties -> Advanced -> Details, under the Recovery Certificates, the Administrator account's certificate is listed and its thumbprint corresponds to the same recovery certificate which I created in step 3. But I am still unable to access the file.
Do you have any idea why? Am I missing something?
Thanks in advance.
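
A check that fits step 6, added here as an example and not part of the original post: it lists every certificate thumbprint recorded in the file's EFS metadata and reports whether the logged-on user's personal store holds that certificate together with its private key, which EFS needs in order to decrypt. The file name `report.txt`, the two function names, and the expectation that `cipher /c` prints each thumbprint after a colon at the end of a line are assumptions; the sample lines are constructed.

```powershell
# Added example (not from the original post). Run on Client1 as the account
# that is expected to act as recovery agent.
param([string]$Path = 'C:\Reports\report.txt')   # hypothetical file name

function Get-EfsThumbprint {
    param([string[]]$CipherOutput)
    foreach ($line in $CipherOutput) {
        # Assumption: a thumbprint line ends with ": <40 hex digits>", possibly
        # grouped with spaces. Dropping whitespace makes the grouping irrelevant.
        $compact = $line -replace '\s', ''
        if ($compact -match ':([0-9A-Fa-f]{40})$') {
            $Matches[1].ToUpperInvariant()
        }
    }
}

function Test-EfsKeyPresence {
    param([string[]]$Thumbprint)
    foreach ($tp in ($Thumbprint | Select-Object -Unique)) {
        $cert = Get-ChildItem -Path Cert:\CurrentUser\My |
            Where-Object { $_.Thumbprint -eq $tp }
        [pscustomobject]@{
            Thumbprint    = $tp
            InUserStore   = [bool]$cert
            # False when only the public certificate was imported.
            HasPrivateKey = [bool]($cert | Where-Object HasPrivateKey)
        }
    }
}

if (Test-Path -LiteralPath $Path) {
    # cipher /c displays the EFS information stored with the file.
    $lines = cipher /c $Path
} else {
    # Constructed sample lines, used only when the file is not present.
    $lines = @(
        '  Users who can decrypt:',
        '    Certificate thumbprint: 1111 2222 3333 4444 5555 6666 7777 8888 9999 0000',
        '  Recovery Certificates:',
        '    Certificate thumbprint: AAAA BBBB CCCC DDDD EEEE FFFF 0000 1111 2222 3333'
    )
}

Test-EfsKeyPresence -Thumbprint (Get-EfsThumbprint -CipherOutput $lines) |
    Format-Table -AutoSize
```

A row with `InUserStore` true and `HasPrivateKey` false means the store holds only the public certificate for that thumbprint.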