File Handling (Windows Only)
It is critical that you understand how the LDT process handles read-only, binary (executable), NTFS encrypted and NTFS compressed files.
The LDT process is subjected to all of the File System policies and attributes set on the files. In some cases, this prevents LDT from encrypting a file. If users or applications are accessing files while LDT is in progress, LDT cannot change the attributes of the files and encrypt the file. It is critical that you understand how LDT handles various types of files:
-
NTFS Encryption and Compression
If NTFS encryption and compression is enabled on a file or folder, the LDT process cannot encrypt these files. To maintain the data coherency, LDT skips the encryption of the these files. These files display as “passthrough” files in the LDT statistics.
-
Read-Only Files
When LDT encounters read-only files, it rekeys the file by resetting the read-only attribute and then setting the attributes back again when the rekey completes. If a file is open, LDT skips this file.
-
If the file is not opened, LDT changes the attributes of the file and stores the original attributes in the file metadata.
-
LDT starts Rekey on this file.
-
If a user requests to open a file for writing while rekey is in progress, access is denied. User can only open files for reading.
-
LDT restores the attributes once rekey is done.
-
-
Executable Files
If an executable is running, or files are exclusively locked by the application, the LDT process cannot encrypt those files as it is unable to acquire the required locks on the files. LDT skips these files and changes to the INCOMPLETE state.
