Assume we have a application-based frp encryption policy enforced for excel, if I want to decrypt all the encrypted xlsx files, how to do that?
Another is I tested DLP discover rule to invoke FRP to encrypt files with specific tag, but somehow some explorer db files were encypted due to DLP mis-tagged it, how to decrypt? I enabled explicit decryption in FRP policy, but the db files seems not supported by explicit decryption, the decryption option is grayed out in windows right click menu.
AFAIK, Anything that sits in C:\Users\<username>\AppData\Roaming (as well as some other locations) is prevented from crypt actions with FRP. Unfortunately for this situation, anything that sits further into that location will be subject to that limitation as well. I'm sure that you have seen that the options to manually encrypt or decrypt are unavailable (grayed out)
We can move the encrypted DB files other than AppData location and get them decrypted, however I am checking if there is any way to decrypt encrypted files inside AppData.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.