Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

File System Operations

File Handling (Windows Only)

search

Please Note:

printsuggest an edit

File Handling (Windows Only)

It is critical that you understand how the LDT process handles read-only, binary (executable), NTFS encrypted and NTFS compressed files.

The LDT process is subjected to all of the File System policies and attributes set on the files. In some cases, this prevents LDT from encrypting a file. If users or applications are accessing files while LDT is in progress, LDT cannot change the attributes of the files and encrypt the file. It is critical that you understand how LDT handles various types of files:

  • NTFS Encryption and Compression

    If NTFS encryption and compression is enabled on a file or folder, the LDT process cannot encrypt these files. To maintain the data coherency, LDT skips the encryption of the these files. These files display as “passthrough” files in the LDT statistics.

  • Read-Only Files

    When LDT encounters read-only files, it rekeys the file by resetting the read-only attribute and then setting the attributes back again when the rekey completes. If a file is open, LDT skips this file.

    1. If the file is not opened, LDT changes the attributes of the file and stores the original attributes in the file metadata.

    2. LDT starts Rekey on this file.

    3. If a user requests to open a file for writing while rekey is in progress, access is denied. User can only open files for reading.

    4. LDT restores the attributes once rekey is done.

  • Executable Files

    If an executable is running, or files are exclusively locked by the application, the LDT process cannot encrypt those files as it is unable to acquire the required locks on the files. LDT skips these files and changes to the INCOMPLETE state.

On this page