Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 477
  • Last Modified:

2000 Server - Strange error 6024 with EFS


I got a strange error in my server logs.  I've never seen it before, and I can't find any, and I mean ANY information on the net about it.  I was wondering if any of you had an idea.  

The following error occured on a fully patched Win2k Server running ISA 2000, WSUS, IIS (for WSUS), and RAS (for VPN).  Any thoughts about this would be greatly appreciated:

Event Type: Error
Event Source: EFS
Event Category: None
Event ID: 6024
Date:  5/17/2006
Time:  1:57:22 PM
User:  N/A
Computer: ISAServer1
EFS recovery policy is missing or corrupted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
  • 2
1 Solution
I think that this may correct your problem.

To change the recovery policy for the local computer

1.Click Start, click Run, type mmc, and then click OK.
2.On the File menu, click Add/Remove Snap-in, and then click Add.
3.Under Add Standalone Snap-in, click Group Policy, and then click Add.
4.Under Group Policy Object, make sure that Local Computer is displayed, click Finish
5.Click Close, and then click OK.
6.In Local Computer Policy, click Public Key Policies.

Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Public Key Policies
7.In the console tree, right-click Encrypted Data Recovery Agents, and then do one of the following:

• To designate a user as an additional recovery agent using the Add Recovery Agent wizard, click Add.
• To request a new file recovery certificate using the Certificate Request wizard, click Create. To complete this procedure, you must have the appropriate permissions to request the certificate and the certification authority (CA) must be configured to issue this type of certificate.
• To delete this EFS policy and every recovery agent, click Delete Policy. If you select this option, users cannot encrypt files on this computer.
mrnation111Author Commented:
Thanks!  I designated myself as an additional recovery agent and that worked.  No more error when I'm trying to decrypt the folder.
Great. Glad to be of help to you!

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now