I have some files on the drive of a domain controller running Windows Server 2008 R2 which are encrypted via EFS. The user that originally encrypted the files no longer exists. When I look at the encryption details for these files it says that there is a recovery certificate for "Administrator(Administrator@MYDOMAIN)" with the certificate thumbprint "0123 4567 89AB...".

I am logged in as the above Administrator and when I open MMC and add the Certificates Snap-in I can see that I have a "File recovery" certificate with the thumbprint "0123 4567 89AB..." which is "enabled for all purposes".

I have checked the permissions on the files and the Administrator account has full access, except for the "Special permissions" box which is disabled.

Yet when I try to open, copy, or decrypt the files, I get an "Access is denied" error. E.g.

C:\Directory>cipher /d file.docx

 Decrypting files in C:\Directory\

file.docx [ERR]
file.docx: Access is denied.

0 file(s) [or directorie(s)] within 1 directorie(s) were decrypted.

What do I need to do to decrypt these files?

  • Is the fact the files are encrypted in the first place something you did on purpose?
    – Ramhound
    Commented May 11, 2018 at 9:12
  • No, they are some files that were (presumably) encrypted by a user that has since left the organisation. Commented May 11, 2018 at 9:39
  • At any point, did you reset the password of the account the certificate belongs to? You can only change an account's password with the same account; if you reset the account's password with another account, that complicates things.
    – Ramhound
    Commented May 11, 2018 at 9:46
  • The original owner’s account has since been deleted. Commented May 11, 2018 at 10:36
  • This is not a duplicate of the linked question. The error message I am getting is different and the solution does not solve my problem. Commented May 11, 2018 at 12:23
