Viewing Recovery Agent Information

The Windows 2000 Resource Kit includes the Efsinfo.exe tool, which you can use to view information about EFS files, including information about the EFS user account and the recovery agent accounts.

To view user information for an encrypted file, type the following at the command prompt:

**efsinfo /u** <*filename*>

The user name and e-mail address of the file's encryptor are then displayed.

To view recovery agent information for an encrypted file, type the following at the command prompt:

**efsinfo /r** <*filename*>

The user names and e-mail addresses of the file's recovery agent accounts are then displayed.

The information that Efsinfo.exe displays comes from the user's EFS certificate or the recovery agent certificates. When certificates are created by an enterprise CA, the CA obtains the user's information from the certificate requestor's user account in Active Directory. For stand-alone CAs, the user information is not obtained from Active Directory; you must instead enter the user name and the e-mail information in the Web form on the Advanced Certificate Request page when you submit the certificate request.

You can use Efsinfo.exe to verify who the file encryptor is or to verify which recovery accounts are authorized for recovering the file. This is especially important for files that have not been opened for a long time and thus do not have current user and recovery agent information.

For more information about how to use Efsinfo.exe, see Tools Help.