Windows EFS and non-removable file users
-
Thursday, October 11, 2012 9:09 AM
Hi,
I'm using EFS file encryption feature in Windows 7. I'm the file user in file' EFS properties.
My problem is: I want to share this file with another user on the same machine (by adding him to "EFS file users") and it works OK, but it turned out that this user is able to remove ME from files EFS users! So I'm not able to decrypt this file any more.
Is there any way to share a file for editing but not giving this other user permissions to change EFS file users? I must say that I'm not able to control DRA (Data Recovery Agent) on this computer.
Regards
All Replies
-
Friday, October 12, 2012 9:23 AMModerator
Hi,
Based my research and test, if you only give another user read and execute permission, he will not be able to remove your account from EFS file users.
If he has the full control permission, yes, I agree with you, your account can be removed from EFS file users.Kim Zhou
TechNet Community Support
- Marked As Answer by nandrew Friday, October 12, 2012 10:42 AM
-
Friday, October 12, 2012 10:43 AMOk, so EFS doesn't support the scenario in which I wanted to use it. Thanks.
.png)
