We’re moving our Active Directory domain object from our division’s forest to the corporate forest. The Active Directory Migration Tool is emphatic: files encrypted with EFS must be decrypted before moving the owner’s user account to the new domain. Otherwise the user account in the new domain / forest will be unable to open files encrypted by the old user account.
Does anyone know a way to determine which domain users are using EFS, either to encrypt locally stored files or files on a network resource?
