IT Pro Today is part of the Informa Tech Division of Informa PLC

INFORMA PLC|ABOUT US|INVESTOR RELATIONS|TALENT

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Documents Online Events Advertise About

Newsletter Sign-Up

Cloud

Recent in Cloud

SEE ALL Cloud

Amazon.com Inc. headquarters in Seattle, Washington.

Career Management

Amazon Is Trying to Kill the Meeting Before the Meeting Amazon Is Trying to Kill the Meeting Before the Meeting

byBloomberg News

Sep 21, 2024

4 Min Read

tablet with "cloud computing" on the screen on top of financial documents and calculator

Cloud Computing

Guide to Cloud Computing ETFs Guide to Cloud Computing ETFs

byChristopher Tozzi

Sep 17, 2024

4 Min Read

Recent in OS

See All OS

stacks of blocks in digital environment

Linux OS

Top 10 Stories About Compute Engines, Linux of 2024 So Far Top 10 Stories About Compute Engines, Linux of 2024 So Far

byITPro Today Staff

Jul 17, 2024

3 Min Read

empty cockpit of autonomous car

Operating Systems

What Is a Real-Time Operating System, and Who Needs One?What Is a Real-Time Operating System, and Who Needs One?

byChristopher Tozzi

Mar 5, 2024

6 Min Read

IT Mgmt

Recent in IT Mgmt

See All IT Mgmt

Black woman being interviewed for a job

Career Management

The DEI Crusader Who Closes Firm to Save Diversity in Tech The DEI Crusader Who Closes Firm to Save Diversity in Tech

byBloomberg News

Sep 20, 2024

3 Min Read

power cord unplugged on top of calculator

IT Operations

How IT Leaders Can Assess and Evaluate Risk to Mitigate IT Outages How IT Leaders Can Assess and Evaluate Risk to Mitigate IT Outages

byIndustry Perspectives

Sep 19, 2024

6 Min Read

Career

Recent in Career

See All Career Mgmt

Amazon.com Inc. headquarters in Seattle, Washington.

Career Management

Amazon Is Trying to Kill the Meeting Before the Meeting Amazon Is Trying to Kill the Meeting Before the Meeting

byBloomberg News

Sep 21, 2024

4 Min Read

Black woman being interviewed for a job

Career Management

The DEI Crusader Who Closes Firm to Save Diversity in Tech The DEI Crusader Who Closes Firm to Save Diversity in Tech

byBloomberg News

Sep 20, 2024

3 Min Read

Storage

Recent in Storage

See All Data Storage

a moving cloud shape with the words object storage inside

Data Storage

Maximize Cloud Efficiency: What Is Object Storage?Maximize Cloud Efficiency: What Is Object Storage?

byBrien Posey

Sep 10, 2024

7 Min Read

an AI processor chip in a cube

AI & Machine Learning

A Guide to Storage for AI Workloads A Guide to Storage for AI Workloads

byChristopher Tozzi

Sep 9, 2024

4 Min Read

Security

Recent in Security

See All IT Security

list of domains within the umbrella category of IT security

IT Security

What Is IT Security? Essentials of IT Security Explained What Is IT Security? Essentials of IT Security Explained

byBrien Posey

Sep 16, 2024

7 Min Read

code-filled DevOps symbol in front of more code

DevOps

Unlock Business Value Through Effective DevOps Infrastructure Management Unlock Business Value Through Effective DevOps Infrastructure Management

byIndustry Perspectives

Sep 6, 2024

7 Min Read

Dev

Recent in Dev

See All Software Dev

power cord unplugged on top of calculator

IT Operations

How IT Leaders Can Assess and Evaluate Risk to Mitigate IT Outages How IT Leaders Can Assess and Evaluate Risk to Mitigate IT Outages

byIndustry Perspectives

Sep 19, 2024

6 Min Read

continuous glucose monitor on a smartphone app

AI & Machine Learning

Unlocking the Power of AI and ML to Improve Remote Patient Monitoring Unlocking the Power of AI and ML to Improve Remote Patient Monitoring

byIndustry Perspectives

Sep 9, 2024

6 Min Read

Recent in DX

See All Digital Transformation

continuous glucose monitor on a smartphone app

AI & Machine Learning

Unlocking the Power of AI and ML to Improve Remote Patient Monitoring Unlocking the Power of AI and ML to Improve Remote Patient Monitoring

byIndustry Perspectives

Sep 9, 2024

6 Min Read

an AI processor chip in a cube

AI & Machine Learning

A Guide to Storage for AI Workloads A Guide to Storage for AI Workloads

byChristopher Tozzi

Sep 9, 2024

4 Min Read

Infrastructure

Recent in Infrastructure

See All Infrastructure

stacks of blocks in digital environment

Linux OS

Top 10 Stories About Compute Engines, Linux of 2024 So Far Top 10 Stories About Compute Engines, Linux of 2024 So Far

byITPro Today Staff

Jul 17, 2024

3 Min Read

birds migrating in the clouds

VMWare

How to Leverage Your VMware Migration to Redesign Your Infrastructure Architecture How to Leverage Your VMware Migration to Redesign Your Infrastructure Architecture

byChristopher Tozzi

May 3, 2024

5 Min Read

Newsletters
How To…?
Industry Perspectives
Business Resources
Reports/Research
Online Events

Live Events
Videos
White Papers
Advertise With Us
About Us

Resource Library

Microsoft Windows
Operating Systems

How can I add a user as an EFS recovery agent for a domain?

John Savill

March 19, 2000

1 Min Read

A. Recovery agents are users who can recovery encrypted files for adomain. To add new users as recovery agents they must first have recoverycertificates issued by the enterprise CA structure (a local certificategranted by the Administrator is no use).

Start the Active Directory Users and Computers (Start - Programs - Administrative Programs - Active Directory Users and Computers)
Right click on the domain and select Properties
Select 'Group Policy' tab
Select the 'Default Domain Policy' and click Edit
Expand Computer ConfigurationWindows SettingsSecurity SettingsPublic Key PoliciesEncrypted Data Recovery Agents
Right click 'Encrypted Data Recovery Agents' and select Add
Click Next to the 'Add Recovery Agent Wizard'
Click 'Browse Directory'. Locate the user and click OK
Click Next to the agent dialog select
Click Finish to the confirmation
Close the Group Policy Editor

Refresh the machine policy

C:> secedit /refreshpolicy machine_policy

The agent will only be able to recover files encrypted after the user wasmade an agent. If an encrypted files is unencrypted and the encrypted or evenjust opened thenew agent WILL be able to recover it as the file will "refresh" itsrecovery certificates (if the recovery policy has changed).

The local admin on a standalone PC or the first logon admin on a DC is the recovery agent by default. However this can be modified. You canremove the default recovery agent and assign any one as the recovery agent. In other words, admin can not read other person's encrypted file unless he isthe recovery agent. The purpose of assigning the first logon admin as the recovery agent is to make life easier for most of our customer. The corporateuser is recommended to modify the recovery agent.

About the Author

John Savill

https://savilltech.net

See more from John Savill

Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

Newsletter Sign-Up

Editor's Choice

a stressed employee at their laptop and collaboration icons gone amok

Unified Communications

Microsoft Teams Is Acting Up. What Can We Do?Microsoft Teams Is Acting Up. What Can We Do?

byBrien Posey

Sep 12, 2024

4 Min Read

person placing a block between two columns of blocks

IT Management

Data Skills Gap Is Hampering Productivity; Is Upskilling the Answer?Data Skills Gap Is Hampering Productivity; Is Upskilling the Answer?

byNathan Eddy

Sep 7, 2024

7 Min Read

data privacy quiz sample question above a desk

Data Privacy

Data Privacy Quiz: 20 Questions To Test Your Knowledge Data Privacy Quiz: 20 Questions To Test Your Knowledge

byIan Horowitz

Aug 30, 2024

1 Min Read

Exclusive ITPro Resources

Tech Careers: Quick Reference Guide to IT Job Titles
Sep 13, 2024
|
1 Min Read
Migrating From VMware: Guide to a Successful Transition
Sep 3, 2024
|
1 Min Read
Developing Immersive HoloLens Apps (Download Your Free Guide)
Aug 26, 2024
|
1 Min Read
Data Privacy Quick Reference Guide
Jul 17, 2024
|
1 Min Read