Unexpected Access Denied error while accessing EFS encrypted file

I am getting Access Denied error when I try to access some files.

• ACL is OK, all ACE's all intherited, I have full access to these files and I am the owner of these files. ACE's are exactly same as other files in the same directory which are accessible without problems (doublechecked through Security Tab on file properties and cacls command).

• Files are EFS encrypted, however I should have access to these files, because they were encrypted by the same user account I am trying to access (decrypt) them. EFS settings are exactly same as other files in the same directory which are also encrypted and accessible without problems (doublechecked through cipher command and efsdump command (SysInternals)).

• In ProcMon utility (SysInternals) I am getting Access Denied entry while accessing these files.

• Files are not used (locked), checked by Unlocker utility.

Up to now, I tought I understand NTFS ACL's and EFS mechanisms fairly well, but now I am completely stuck and I do not know how to access these files. Any thoughts?

Solution 1:

The files you can't access are most likely encrypted with a different certificate than the one which is currently associated with your user account.

Check the signature of each file you can't open using the file properties box. If it is different from your current signature (cipher.exe /Y) then that is why you can't access the files.