Export (0) Print
Expand All
Expand Minimize

EncryptionDisable function

Disables or enables encryption of the specified directory and the files in it. It does not affect encryption of subdirectories below the indicated directory.

Syntax


BOOL WINAPI EncryptionDisable(
  _In_  LPCWSTR DirPath,
  _In_  BOOL Disable
);

Parameters

DirPath [in]

The name of the directory for which to enable or disable encryption.

Disable [in]

Indicates whether to disable encryption (TRUE) or enable it (FALSE).

Return value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

Under normal circumstances, EncryptFile will not encrypt files and directories with the FILE_ATTRIBUTE_SYSTEM attribute set. It is possible to override the FILE_ATTRIBUTE_SYSTEM attribute and encrypt files. Also, if a file or directory is marked with the FILE_ATTRIBUTE_SYSTEM attribute, it will normally be invisible to the user in directory listings and Windows Explorer directory windows. EncryptionDisable disables encryption of directories and files. It does not affect the visibility of files with the FILE_ATTRIBUTE_SYSTEM attribute set.

If TRUE is passed in, EncryptionDisable will write the following to the Desktop.ini file in the directory (creating it if necessary):

[Encryption]
Disable=1

If the section already exists but Disable is set to 0, it will be set to 1.

Thereafter, EncryptFile will fail on the directory and the files in it, and the code that GetLastError returns will be ERROR_DIR_EFS_DISALLOWED. This function does not affect encryption of subdirectories within the given directory.

The user can also manually add or edit the above lines in the Desktop.ini file and produce the same effect.

EncryptionDisable affects only FileEncryptionStatus and EncryptFile. After the directory is encrypted, any new files and new subdirectories created without the FILE_ATTRIBUTE_SYSTEM attribute will be encrypted.

If FALSE is passed in, EncryptionDisable will write the following to the Desktop.ini file:

[Encryption]
Disable=0

This means that file encryption is permitted on the files in that directory.

If you try to use EncryptionDisable to set the directory to the state it is already in, the function succeeds but has no effect.

If you try to use EncryptionDisable to disable or enable encryption on a file, the attempt will fail.

In Windows 8 and Windows Server 2012, this function is supported by the following technologies.

TechnologySupported

Server Message Block (SMB) 3.0 protocol

Yes

SMB 3.0 Transparent Failover (TFO)

No

SMB 3.0 with Scale-out File Shares (SO)

No

Cluster Shared Volume File System (CsvFS)

No

Resilient File System (ReFS)

No

 

SMB 3.0 does not support EFS on shares with continuous availability capability.

Requirements

Minimum supported client

Windows XP Professional [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

WinEfs.h (include Windows.h)

Library

Advapi32.lib

DLL

Advapi32.dll

See also

File Attribute Constants
DecryptFile
EncryptFile
File Encryption
File Management Functions
FileEncryptionStatus
GetFileAttributes

 

 

Community Additions

ADD
Show:
© 2014 Microsoft