Announcement

Collapse
No announcement yet.

EFS encryption in office 2007 removes all authorized users when saving

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • EFS encryption in office 2007 removes all authorized users when saving

    We have a folder on a server where some of the files are encrypted using EFS. These files have several authorized users who can read and write on them. So far everything was working fine using Office 2003. Now, some users have installed Office 2007, since then, every time one of these users save one of these files (Word or Excel files), the list of authorized users is gone and only the user who saved the file is allowed to open it (he is the only one in the authorized users list). I think it is Office 2007 because if I open a simple text file with Notepad, the authorized users list does not change. Besides, I have Microsoft's FileConverter utility installed on my Office 2003 so I can read/write 2007 files and it behaves exactly the same way, removes the authorized users.

    Any idea why this is happening?
    Last edited by aag; 28th December 2010, 10:02.

  • #2
    Re: EFS encryption in office 2007 removes all authorized users when saving

    When you refer to "authorised users", can you confirm this is via DRM?
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: EFS encryption in office 2007 removes all authorized users when saving

      Originally posted by Ossian View Post
      When you refer to "authorised users", can you confirm this is via DRM?
      I don't know exactly what you mean by DRM. Maybe I didn't pick the right words, with "authorized users" I don't mean anything related to permissions on the file, I mean the users that can decrypt the file. When you encrypt a file using EFS (the NTFS built-in encryption feature, In Windows explorer, right click on the file, "General" tab, Advanced options, check on "Encrypt file" or something like that), not only you will be able to read the file, you can add more people who will be able to read it too. The problem is that all those "authorized users" are removed from the list after the file is saved from Word/Excel 2007, and only the user who saved the file remains in it; therefore, he is the only one who can decrypt it.

      (To see the list of people allowed to decrypt a file you go into Windows explorer, right click on the encrypted file, "General" tab, Advanced options, Details button, and you get the list and you can add more people)
      Last edited by aag; 28th December 2010, 16:39.

      Comment


      • #4
        Re: EFS encryption in office 2007 removes all authorized users when saving

        OK, I'm with you now -- I thought you were referring to "Digital Rights Management"

        Can you confirm it is Office by creating a file in notepad, encrypting it for multiple users, then opening it in Word.

        Can you also check Office 2007 is fully patched?
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment

        Working...
        X