Problems with EFS Configuration in GPOs?
Having issues similar to:
Trying to enable EFS on a specific OU, while it’s disable at the top of the structure or domain?
Recovery certificates from two different GPOs mixing up instead of being replaced?
Overall EFS GPOs looking like they aren’t merging properly?
Well, it’s not because EFS GPOs are supposed to behave like black magic. Turns out there’s a bug, Microsoft’s aware of it, but doesn’t think it would be a good idea to FIX IT on Windows XP and 2003.
Thankfully, all it means is you need to edit your GPOs from a Vista, 2008 or Windows 7 machine.
Opening my EFS GPOs in Windows 7, switching the Allow/Don’t allow and applying the ‘change’ fixed my GPOs. A few minutes later, and stuff was behaving like it should’ve been… Can I have those wasted hours of my life back, Mr. Ballmer?
