We'd love to hear about it! Click here to go to the product suggestion community
We are having some issues moving location-based encrypted files to a new share location. We are using robocopy to copy the files. We have added the new shares and keys to the policy.After copying we can open .Doc and .XLS files but all PDF files are corrupted. So we wanted to test some things and remove the location-based file encryption location from the policy for the share but it is not decrypting the files.
Even if I try and manually decrypt the files they re-encrypt immediately. ??
If it is location-based encryption, then decryption should be done manually for which the decryption policy has to be applied. If persistent encryption is disabled. then once the file is moved out of the location it gets decrypted automatically. Also, could you please perform below checks:
-check for policy settings for old file shares. -check for policy settings for new file shares. -check if the PDF is working in old shares without issues. -decrypt PDF in old shares itself and then try to copy.
It would be best to check if any application based encryption rules are applied?
In reply to Shweta:
Location based is the only policy we have in place. The pdfs open in the old directory just fine but not the new. I have tried deleting the location policies but the files will not decrypt.
-check for policy settings for old file shares. ……..policy is in place -check for policy settings for new file shares...….removed policy for testing -check if the PDF is working in old shares without issues. …..open successfully on old share -decrypt PDF in old shares itself and then try to copy. …..removed location based policy but files stay encrypted even after manual decryption
In reply to cbsp2020:
I should clarify I am trying to turn off decryption on the old share.
In that scenario, I would suggest you open a support ticket to further troubleshoot from here and PM me the case number
Can you post the RSOP on the device you're trying to use please?
The fact that if you manually decrypt and then the files re-encrypt means there's a policy being applied elsewhere that's reversing your changes.
If we can find this policy (or policy group) then it'll be possible to prevent the re-encryption again.