I have some machines which have OS build 16299 and have SQL Server installed and mdf/ldf are encrypted with EFS. I found the mdf/ldf files could not be decrypted when the database is online. While for the machine which have OS build above16299, the mdf/ldf files could be decrypted directly when database is online.
Which means for the OS build 16299, I have to set the database offline to decrypt the database files, if the database size is huge, it will take a very long down time.
I though it's due to the OS build issue, so I upgraded the OS build to same version with the OS build which could decrypt the database files online. While even the OS has been upgraded it didn't change the EFS decrypt behavior, I still could not decrypt the files when the database is online.
It seems for the old OS build, the EFS will create a file named EFS0.TMP which is same with the database file when do the encryption/decryption. While for the new OS build in my case, the EFS will not create any file named EFS*.TMP. I could not understand what caused the different behavior of the EFS. If anyone could help to answer this question?