EFS and recovery agents after migrating to Active Directory
From: company (sbalaji@dontspam.bindview.com)Date: 03/18/02
- Previous message: Scott D. Williams: "Re: Logon problem! :-("
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "company" <sbalaji@dontspam.bindview.com> Date: Mon, 18 Mar 2002 09:57:38 -0600
I had some files encrypted on a W2K machine that was part of a NT4.0 domain
structure. The account used to encrypt was a domain user account that has
local admin
priveleges. Recently I migrated that account to a AD domain and a new
account was
created. When I log back in to the box with the old account, I was not able
to
decrypt the file. The private key portion of the certificate is not found
and only the
certificate is there. EFSINFO /R /U /C lists the recovery agent as the
Active directory domain
admin with a thumbprint. But if the AD domain admin logs in to the box and
tried it still gives
access denied. Next we tried the recovery steps as highlighted by support
articles and here
and it still is not working.
My question is where do I find the DRA's private key (on which box) and how
do I find one that matches the thumbprint of this DRA (as reported by
EFSINFO cmd)?
Thanks in Advance
/s
- Previous message: Scott D. Williams: "Re: Logon problem! :-("
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
