Message

An API call failed at %1.%2.  Error code: %3

Fields

Message

An API call failed at %1.%2.  Error code: %3, Data: %4

Fields

Message

An API call failed at %1.%2.  Error code: %3, Data: %4, %5

Fields

Message

%1.%2: Failed to allocate %3 bytes.

Fields

Message

EFS key promoted from current key.  CertValidated: %1, cbHash: %2, pbHash: %3, ContainerName: %4, ProviderName: %5, DisplayInformation: %6, dwCapabilities: %7, bIsCurrentKey: %8, eKeyType: %9

Fields

Message

EFS key demoted from current key.  CertValidated: %1, cbHash: %2, pbHash: %3, ContainerName: %4, ProviderName: %5, DisplayInformation: %6, dwCapabilities: %7, bIsCurrentKey: %8, eKeyType: %9

Fields

Message

EFS key flushed from cache.  CertValidated: %1, cbHash: %2, pbHash: %3, ContainerName: %4, ProviderName: %5, DisplayInformation: %6, dwCapabilities: %7, bIsCurrentKey: %8, eKeyType: %9

Fields

Message

%1.%2: The specified key is not valid for EFS

Fields

Message

%1.%2: Attempt to create a new EFS key

Fields

Message

%1.%2: A new EFS key was successfully created

Fields

Message

%1.%2: Begin searching the MY store for a valid EFS key

Fields

Message

%1.%2: Begin searching the MY store for a valid EFS key

Fields

Message

%1.%2: Deleting currentkey from registry

Fields

Message

%1.%2: The EFS cert is self-signed, but self-signed certs are disabled by policy

Fields

Message

%1.%2: RSA is required by policy, but the key does not support RSA encryption

Fields

Message

%1.%2: MASTERKEY is required by policy, but the key does not support MASTERKEY encryption

Fields

Message

%1.%2: SMARTCARDS are required by policy, but the key is not SMARTCARD-based

Fields

Message

%1.%2: key is expired

Fields

Message

%1.%2: key is valid

Fields

Message

%1.%2: try and locate the matching key based on cert hash

Fields

Message

%1.%2: key successfully loaded from registry

Fields

Message

%1.%2: try and locate the matching key in cache

Fields

Message

%1.%2: trying to load the masterkey history

Fields

Message

%1.%2: masterkey history loaded

Fields

Message

%1.%2: failed to encrypt: SIS or HSM file

Fields

Message

%1.%2: Suite B is disabled by policy, but the key is a Suite B key

Fields

Message

%1.%2: Suite B is required by policy, but the key is not a Suite B key

Fields

Message

%1.%2: releasing user cache object.  Refcount: %3

Fields

Message

%1.%2: trying to stop cache polling thread

Fields

Message

%1.%2: no decryption status in cache

Fields

Message

%1.%2: found matching decryption status in cache

Fields

Message

%1.%2: attempting to add key to user cache

Fields

Message

EFS key added to user cache.  CertValidated: %1, cbHash: %2, pbHash: %3, ContainerName: %4, ProviderName: %5, DisplayInformation: %6, dwCapabilities: %7, bIsCurrentKey: %8, eKeyType: %9

Fields

Message

%1.%2: ensuring user has cache node

Fields

Message

%1.%2: found cache node in user info

Fields

Message

%1.%2: found cache node in global cache

Fields

Message

%1.%2: creating new cache node for user

Fields

Message

%1.%2: Policy settings specified flush on card removal.  Starting the polling thread...

Fields

Message

%1.%2: Policy settings specified NO flush on timeout.  Stopping the polling thread...

Fields

Message

%1.%2: Policy settings specified flush on timeout.  Starting the polling thread...

Fields

Message

%1.%2: Policy settings specified new cache flush interval: %3.  Stop polling (will restart if there are active user caches)

Fields

Message

%1.%2: Polling thread stopped

Fields

Message

%1.%2: Flush cache specified by policy, and we have active user caches.  Start polling.

Fields

Message

%1.%2: Polling thread started

Fields

Message

%1.%2: User logon detected.  Beginning SSO processing.

Fields

Message

%1.%2: User logon detected, but is not smartcard-based.  No SSO processing required.

Fields

Message

%1.%2: Smartcard notification detected.  Beginning SSO processing.

Fields

Message

%1.%2: Smartcard notification detected, but the logon cert is already cached.  No processing required.

Fields

Message

%1.%2: Current key matches the logon cert.  Setting up the PIN cache.

Fields

Message

%1.%2: User does not yet have a current key.  If smartcard is required by policy, the logon cert and PIN will be cached.

Fields

Message

%1.%2: Logon notification detected on DC.  Beginning DRA install.

Fields

Message

%1.%2: user does not already have a cache: generating one now

Fields

Message

%1.%2: generating pre-cache for PIN and logon cert

Fields

Message

%1.%2: tried to install logon cert, but it's not available (not a smartcard logon, or the smartcard was removed)

Fields

Message

%1.%2: logon cert successfully installed

Fields

Message

%1.%2: trying to install logon cert

Fields

Message

%1.%2: User lock detected.  Beginning SSO processing.

Fields

Message

%1.%2: User logoff detected.  Beginning SSO processing.

Fields

Message

%1.%2: Flushing the user cache

Fields

Message

%1.%2: User has locked workstation, but policy says not to flush cache

Fields

Message

%1.%2: Checking for expired cache entries

Fields

Message

%1.%2: Expired certificate in recovery policy

Fields

Message

%1.%2: Certificate in recovery policy is not yet valid

Fields

Message

%1.%2: SL policy successfully updated

Fields

Message

%1.%2: EFS is disabled by SL policy

Fields

Message

%1.%2: EFS is not yet initialized

Fields

Message

%1.%2: EFS is disabled

Fields

Message

%1.%2: the data received by the API was too large.  Expected: %3, Actual: %4

Fields

Message

%1.%2: the data received by the API was too small.  Expected: %3, Actual: %4

Fields

Message

%1.%2: POSSIBLE EFS ATTACK DETECTED: %3, %4, %5

Fields

Message

%1.%2: attempting to validate EFS stream

Fields

Message

%1.%2: EFS stream validated

Fields

Message

PIN prompt dialog has closed

Fields

Message

Prompt the user to select a smartcard-based EFS cert

Fields

Message

Smartcard-based EFS cert successfully selected by the user

Fields

Message

Prompt the user for PIN

Fields

Message

PIN successfully acquired from the user

Fields

Message

Perfect match found in cache.

Fields

Message

Masterkey history already loaded

Fields

Message

Current key loaded from cache

Fields

Message

Current key loaded from registry

Fields

Message

%1.%2: Masterkey history: failed size consistency check.  %3, %4, %5

Fields

Message

%1.%2: Encrypted keys not equal

Fields

Message

%1.%2: doing a REKEY, but the DDF entry already exists

Fields

Message

%1.%2: replace operation added a DDF (unexpected)

Fields

Message

%1.%2: user is modifying a DDF entry not matching the PoP entry.  Require WRITE_ATTRIBUTES

Fields

Message

%1.%2: user is modifying a DDF matching the PoP entry, or the DRF.  Don't require WRITE_ATTRIBUTES

Fields

Message

%1.%2: UNEXPECTED condition: no ENCRYPTED_KEY for SC failure

Fields

Message

%1.%2: Plug-n-Play service not ready. EFS server will not try to detect interrupted encryption/decryption operation(s).

Fields

Message

%1.%2: Cannot open log file. Encryption/decryption operation(s) cannot be recovered.

Fields

Message

%1.%2: Cannot read log file. Encryption/decryption operation(s) cannot be recovered.

Fields

Message

%1.%2: A corrupted or different format log file has been found. No action was taken.

Fields

Message

%1.%2: The log file cannot be opened as non-cached IO. No action was taken.

Fields

Message

%1.%2: Interrupted encryption/decryption operation(s) found on a volume. Recovery procedure started.

Fields

Message

%1.%2: EFS recovery service cannot open the file %3. The interrupted encryption/decryption operation cannot be recovered.

Fields

Message

%1.%2: EFS service recovered %3 successfully.

Fields

Message

%1.%2: EFS service could not open all the streams on file %3  The file was not recovered.

Fields

Message

%1.%2: %3 could not be recovered Completely.  EFS driver may be missing.

Fields

Message

%1.%2: IO Error occurred during stream recovery.  %3 was not recovered.

Fields

Message

%1.%2: EFS recovery service cannot open the backup file %3 by name. The interrupted encryption/decryption operation (on file %4) may be recovered.  The backup file will not be deleted. User should delete the backup file if the recovery operation is done successfully.

Fields

Message

%1.%2: %3 was opened by File ID successfully the first time but not the second time. No recovery operation was tried on file %4. This is an internal error.

Fields

Message

%1.%2: EFS recovery service cannot get the backup file name. The interrupted encryption/decryption operation (on file %3) may be recovered.  The temporary backup file %4 is not deleted.  User should delete the backup file if the recovery operation is done successfully.

Fields

Message

%1.%2: %3 could not be opened. %4 was not recovered.

Fields

Message

%1.%2: Stream Information could not be got from %3. %4 was not recovered.

Fields

Message

%1.%2: EFS service could not open all the streams on file %3.  %4 was not recovered.

Fields

Message

%1.%2: EFS Service received logon notification.

Fields

Message

EFS Service failed to start. Error code: %3.

Fields

Message

%1.%2: User cache entry purged. Reference count: %3.

Fields

Message

%1.%2: All user cache entries purged. Reference count: %3.

Fields

Message

EFS service was unable to populate SID information. Error code: %3.

Fields

Message

EFS service was unable to determine the computer name. Error code: %3.

Fields

Message

EFS service was unable to initialize cache lock. Error code: %3.

Fields

Message

EFS service was unable to initialize the BCrypt Algorithm Provider. Error code: %3.

Fields

Message

EFS service was unable to query Software Licensing for the cache size. Error code: %3.

Fields

Message

EFS service was unable to open handle to the MS_DEF_PROV provider. Error code: %3.

Fields

Message

EFS service was unable to setup notifications from LSA. Error code: %3.

Fields

Message

EFS service was unable to initialize the recovery policy resource. Error code: %3.

Fields

Message

EFS service was unable process the recovery policy. Error code: %3.

Fields

Message

EFS service was unable to notify NTFS of its state. Error code: %3.

Fields

Message

EFS service was unable to setup group policy change notifications. Error code: %3.

Fields

Message

EFS service was unable to process active user sessions. Error code: %3.

Fields

Message

Encrypting File System server ready to accept calls.

Fields

Message

%1.%2: EFS service failed to subscribe for updates to an MDM policy. Index: %3.

Fields

Message

%1.%2: Failed to initialize one or more synchronization objects. Error code: %3.

Fields

Message

%1.%2: EFS service failed to process MDM policy updates. Error code: %3.

Fields

Message

%1.%2: EFS service failed to provision a user for Windows Information Protection. Error code: %3.

Fields

Message

%1.%2: EFS service failed to provision a user for DPL. Error code: %3.

Fields

Message

%1.%2: EFS service failed to initialize file encryption queues. Error code: %3.

Fields

Message

%1.%2: Recovery policy data is in an invalid format. Error code: %3.

Fields

Message

%1.%2: Start: %3.

Fields

Message

%1.%2: Complete: %3. Code: %4.

Fields

Message

%1.%2: Error Code: %3.

Fields

Message

%1.%2: Status Code: %3.

Fields

Message

%1.%2: Enter: %3.

Fields

Message

%1.%2: Leave: %3.

Fields

Message

%1.%2: Leave: %3. Code: %4.

Fields

Message

%1.%2: Error: %3. Code: %4.

Fields

Message

%1.%2: Warning: %3. Code: %4.

Fields

Message

%1.%2: %3. Code: %4.

Fields

Message

%1.%2: %3. Value: %4.

Fields

Message

%1.%2: Complete: %3. Code: %4.

Fields

Message

%1.%2: Leave: %3. Code: %4.

Fields

Message

%1.%2: EFS service failed to provision RMS for Windows Information Protection. Error code: %3.

Fields

Message

Thread %1: %2, Line %3, HRESULT %4, Message: '%5'

Fields

Message

A client attempted to call an EFS service API without privacy level authentication. Error code: %3. See https://go.microsoft.com/fwlink/?linkid=2181030.

Fields

Message

A client that called an EFS service API without privacy level authentication was allowed. See https://go.microsoft.com/fwlink/?linkid=2181030.

Message

Failed to unprotect device user credential key using Windows Hello for user: %3. Error code: %4

Fields

Message

Personal Data Encryption and Windows Hello status updated: 1) Windows Hello availability: %3; 2) Windows Hello logon capability: %4; 3) Windows Hello hardware capability: %5; 4) Remote Desktop remote connections disabled: %6; 5) Windows automatic restart sign-on disabled: %7.

Fields

Message

Personal Data Encryption enabled for user %3.

Fields

Message

Personal Data Encryption disabled for user %3. 1) Policy value: %4; and 2) Is opted out: %5.

Fields

Message

User %3 attempted to access user %4's data protected with Personal Data Encryption and was denied.

Fields

Message

Personal Data Encryption conversion started.
Mode: "%3",
paths in policy: "%4",
paths protected: "%5",
paths attempted: "%6",
status: %7.

Fields

Message

Personal Data Encryption conversion completed.
Mode: "%3",
paths in policy: "%4",
paths protected: "%5",
paths attempted: "%6",
status: %7,
number of items converted: %8 (total bytes converted: %9),
number of system items : %10,
number of read-only files : %11,
number of items looked at : %12.

Fields

Message

Personal Data Encryption conversion did not complete.
Mode: "%3",
paths in policy: "%4",
paths protected: "%5",
paths attempted: "%6",
status: %7,
number of items converted: %8 (total bytes converted: %9),
number of system items: %10,
number of read-only files : %11,
number of items looked at : %12,
number of unknown failures: %13,
number of items not protectable: %14.

Fields

Message

Personal Data Encryption conversion failed to convert one or more files or folders. First encountered failure on file or folder "%3" was %4.

Fields

Message

Personal Data Encryption policy for Desktop folder is set to %4 for user %3.

Fields

Message

Personal Data Encryption policy for Documents folder is set to %4 for user %3.

Fields

Message

Personal Data Encryption policy for Pictures folder is set to %4 for user %3.

Fields

Message

Personal Data Encryption policy for Desktop folder is deleted for user %3.

Fields

Message

Personal Data Encryption policy for Documents folder is deleted for user %3.

Fields

Message

Personal Data Encryption policy for Pictures folder is deleted for user %3.

Fields

Message

Personal Data Encryption policy for Desktop folder is mapped to path "%3" for user %4.

Fields

Message

Personal Data Encryption policy for Documents folder is mapped to path "%3" for user %4.

Fields

Message

Personal Data Encryption policy for Pictures folder is mapped to path "%3" for user %4.

Fields

Message

Personal Data Encryption: paths to protect folders is empty for user %3.

Fields

Message

Windows Information Protection has been disabled.

Fields

Message

Windows Information Protection could not be disabled. Error code: %3.

Fields

Message

Personal Data Encryption conversion did not complete the last time it was run. Last run mode: %3.

Fields

Message

Personal Data Encryption is not available for the current device. Only Azure AD joined devices are supported.

Fields

Message

Personal Data Encryption is not available for the current device. Supported device types are Azure AD joined and Hybrid Azure AD joined devices.

Fields

Message

Machine role cannot be determined. %1

Fields

Message

Default group policy object cannot be created. %1

Fields