10/17/2008

To exclude a file from being encrypted when device encryption is turned on, you must add it to an exclusion list. You use the Exclude files from device encryptionGroup Policy setting to specify the path of the file or group of files that you want to add to the list. For more information about how to specify a file or group of files, see Adding Files to the Encryption List.

To exclude a file from the encryption list

  1. In the Group Policy Management Console, expand Group Policy Objectsand then locate the target GPO.

  2. Right-click the GPO and then select Edit.

  3. In the Group Policy Object Editor, expand Computer Configuration/Administrative Templates/Windows Mobile Settingsand select File Encryption.

  4. In the details pane, right-click Exclude files from device encryption, and select Properties.

  5. In the dialog box, on the Settingtab, choose Enabled, and then choose Show.

  6. In the Show Contentsdialog box, choose Add.

  7. In the Add Itemdialog box, in the Enter the name of the item to be addedbox, type the file name, or the path of the file or group of files, and then in the Enter the value of the item to be addedbox, type the description, if any.

  8. Choose OK. In the Show Contentsdialog box, the file name or the path of the file or group of files will appear in the Value Namebox and the description will appear in the Valuebox.

  9. Choose OKtwo times to finish the procedure and close the program.

See Also