Mark Russinovich at www.sysinternals.com has released the freeware utility EFSDump for Windows 2000 and displays what accounts are authorized to access encrypted files. Useful to Windows NT admin.

Windows 2000 introduces the Encrypting File System (EFS) so that users can protect their sensitive data. Several new APIs make their debut to support this factility, including one - QueryUsersOnEncryptedFile - that lets you see who has access to encrypted files. This applet uses the API to show you what accounts are authorized to access encrypted files. Full source code is included.

Elcomsoft has created Advanced EFS Data Recovery to decrypt files encrypted on NTFS partitions in Windows 2000. Files can be decrypted even in a case when the system is not bootable and so you cannot log on, and/or some encryption keys have been tampered. Besides,they say decryption is possible even when Windows is protected using SYSKEY.

New Riders has good NT texts.