This is an FYI ..

How do you manage your users related to EFS?

Do they use EFS? Do you know if they use EFS?

I won't go into all the details of why this new DCR is so neat... unless the readers really ask about it.

But - this can save you from a huge  headache if you are planning to deploy EFS...

The not yet public article is 912761 - refer to this when you call PSS and ask for this DCR ( design change  request )

Usage:

Install hotfix to the XP machine.

Create the following registry key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\EFS]

"EfsOptions"=dword:0

Once you have done this - reboot the client.

Now attempt to encrypt a file.

If you do not have an EFS cert, or you do not have an Enterprise CA to request one from, you will now get an error as seen below:

If you attempt to encrypt from CMD line via cipher.exe you will see:

Encrypting files in C:\Documents and Settings\efsr\Desktop\

New Text Document.txt [ERR]

New Text Document.txt: NO EFS certificate available.

0 file(s) [or directorie(s)] within 1 directorie(s) were encrypted.

Key: self signed certificate EFS DRA DCR

Happy New Year!

Spat