I have a client who suddenly discovered that one of his network drives had EFS encryption turned on it. I was able to turn off the encryption on the whole drive except for one folder and its files.
The File Properties -> Advanced Attributes -> Encryption Details screen shows that the user has access to the file and the Administrator account has the backup keys. Under security properties, the admin account is listed as the owner. However, trying to remove the encryption results in an "Error 0x80071771: The specified file could not be decrypted" message. From Google searches the error code seems to be general decryption failure code, so that's not particularly useful. The command line 'crypt /d' also throws an error.
The drive has been encrypted for longer there is backup history, but that doesn't matter because the problem folder/files was created two days ago... Which seems to be the only thing "different" between this folder and the rest of files on the network drive; that it was created only recently.
Has anyone seen or heard of this situation?
User contributions licensed under CC BY-SA 3.0