I have created (I think!) a recovery agent under the EFS policy on our Windows Server 2003 SBS server, but I am missing one small detail. The policy is created, the certificate is created and I have assigned Recovery Agent rights to a newly created 'EFS Admin' user (domain admin rights). Users of the domain are allowed to create EFS folders, but when I show the details for the encrypted files the Recovery Agent Name field is blank, meaning that I don't have a workable recovery policy. I would expect the name EFS Admin to show up in this section, meaning that this user can also recover EFS protected documents (etc). Any ideas guys?