Tech Tips / Windows XP / Security
Discover two ways to disable EFS
Therefore, disabling EFS in Windows XP is handled differently than in Windows 2000. There are two ways to disable EFS, depending on the configuration.
If your computer is joined to a domain, you can disable EFS through Group Policy:
- Open the Group Policy at the level you want to disable EFS.
- Go to Computer Configuration | Windows Settings | Security Settings.
- Expand the Public Key Policies.
- Right-click the Encrypting File System and click Properties.
- Remove the check from Allow Users To Encrypt
Files Using Encrypting File
Systems (EFS). - Exit the console.
If your computer is not joined to a domain, this Group Policy setting has no effect. Instead, you'll need to manually change the registry. (As always, we'll remind you that registry editing can be risky, so be sure you have a verified backup before you begin.)
- Open the registry editor (Regedit.exe).
- Open the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\
EFS key. - Choose Edit / New. Click the DWORD value.
- Type EfsConfiguration as the name.
- Double-click the new value and change its value to 1.
- Restart the computer.
Note: EFS is available on Windows XP Professional computers that have only NTFS, not FAT32, partitions. EFS is not available in Windows XP Home Edition.
Submit your Tech Tips
If you're an experienced IT professional and would like to share your expertise with other Setup32.com readers, why not submit a new tip to our Tech Tips area?
Latest Tech Tips in this category
- Automatically generate and assign strong passwords in Windows XP
- Designate a DRA and recover encrypted files
- Encrypt the local copy of remote files
- Comparing EFS in Win2K and WinXP
- Right-click to encrypt
- How to import the certificate with private key
- How to export your certificate with the private key
- A few more EFS best practices
Certification Links
Contact Us | Advertise | Authors | Subject Index | RSS Feeds 
Copyright ©2009 Setup32.com