Cannot Gain Access to Microsoft Encrypted File Systems (243850)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Datacenter Server
This article was previously published under Q243850

SYMPTOMS

If you log on to a server using a mandatory profile, you may experience one or more of the following behaviors:
  • You are not able to use the Microsoft Management Console (MMC) tool to enroll for a certificate.
  • You are not able to communicate with the logon server that contains the profile.
  • You are not able to gain access to Microsoft Encrypted File Systems or encrypt new files or folders.

STATUS

This behavior is by design.

MORE INFORMATION

When you log on using a mandatory profile, you do not have permissions to generate new public or private keys. When you log off, these keys are lost, because you you do not have permissions to permanently modify the profile. You would not be able to gain access to any data that you were able to encrypt.

To prevent this problem, Windows 2000 returns the NTE_TEMPORARY_PROFILE error message when you attempt to generate a new key and you are using a mandatory or cached local temporary profile.

223316 Best Practices for Encrypting File System

Modification Type:MajorLast Reviewed:9/8/2006
Keywords:kbnetwork kbprb KB243850
©2004 Microsoft Corporation. All rights reserved.