2000 Server - Strange error 6024 with EFS

Posted on 2006-05-18
Last Modified: 2008-01-16

I got a strange error in my server logs.  I've never seen it before, and I can't find any, and I mean ANY information on the net about it.  I was wondering if any of you had an idea.  

The following error occured on a fully patched Win2k Server running ISA 2000, WSUS, IIS (for WSUS), and RAS (for VPN).  Any thoughts about this would be greatly appreciated:

Event Type: Error
Event Source: EFS
Event Category: None
Event ID: 6024
Date:  5/17/2006
Time:  1:57:22 PM
User:  N/A
Computer: ISAServer1
EFS recovery policy is missing or corrupted.

For more information, see Help and Support Center at
Question by:mrnation111
    LVL 5

    Accepted Solution

    I think that this may correct your problem.

    To change the recovery policy for the local computer

    1.Click Start, click Run, type mmc, and then click OK.
    2.On the File menu, click Add/Remove Snap-in, and then click Add.
    3.Under Add Standalone Snap-in, click Group Policy, and then click Add.
    4.Under Group Policy Object, make sure that Local Computer is displayed, click Finish
    5.Click Close, and then click OK.
    6.In Local Computer Policy, click Public Key Policies.

    Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Public Key Policies
    7.In the console tree, right-click Encrypted Data Recovery Agents, and then do one of the following:

    • To designate a user as an additional recovery agent using the Add Recovery Agent wizard, click Add.
    • To request a new file recovery certificate using the Certificate Request wizard, click Create. To complete this procedure, you must have the appropriate permissions to request the certificate and the certification authority (CA) must be configured to issue this type of certificate.
    • To delete this EFS policy and every recovery agent, click Delete Policy. If you select this option, users cannot encrypt files on this computer.

    Author Comment

    Thanks!  I designated myself as an additional recovery agent and that worked.  No more error when I'm trying to decrypt the folder.
    LVL 5

    Expert Comment

    Great. Glad to be of help to you!

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Suggested Solutions

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    Digital marketing agencies have encountered both the opportunities and difficulties that emerge from working with a wide-ranging organizations.
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now