Re: NTFS encryption problem

From: DevilsPGD (spammelikeiwanttobespammed@crazyhat.net)
Date: 10/27/02

• Next message: Michel Gallant (MVP): "Re: NTFS encryption problem"
• Previous message: Ray: "Re: IE remembering form data"
• In reply to: Karl Levinson [x y] MVP: "Re: NTFS encryption problem"
• Next in thread: Michel Gallant (MVP): "Re: NTFS encryption problem"
• Reply: Michel Gallant (MVP): "Re: NTFS encryption problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: DevilsPGD <spammelikeiwanttobespammed@crazyhat.net>
Date: Sun, 27 Oct 2002 21:17:15 GMT

In message <<OWvdxoafCHA.2592@tkmsftngp09>> "Karl Levinson [x y] MVP"
<jamescagney90210@excite.com> did ramble:

>In AD, the domain Administrator account is the default EFS recovery agent.
>Try logging in as domain admin and following the instructions for doing EFS
>recovery. And back up your encryption keys ASAP, because without them, your
>files are out of luck. Information on how to do both of these is available
>by searching either this newsgroup for "EFS" or www.microsoft.com/support
>for "EFS recovery"

One more thing I tried, I was able to get into lockup this morning to
get my W2K resource kit, and I ran EFSINFO.EXE and got the following
output:

  Users who can decrypt:
    NTDOMAIN\devilspgd (OU=EFS File Encryption Certificate, L=EFS,
CN=DevilsPGD)

  Recovery Agents:
    Unknown (OU=EFS File Encryption Certificate, L=EFS,
CN=Administrator)

I am logged on as NTDOMAIN\devilspgd right now, so shouldn't that give
me rights to decrypt? -- Failing that, should I try
NTDOMAIN\Administrator?

-- 
Whenever I feel blue, I start breathing again.

---

• Next message: Michel Gallant (MVP): "Re: NTFS encryption problem"
• Previous message: Ray: "Re: IE remembering form data"
• In reply to: Karl Levinson [x y] MVP: "Re: NTFS encryption problem"
• Next in thread: Michel Gallant (MVP): "Re: NTFS encryption problem"
• Reply: Michel Gallant (MVP): "Re: NTFS encryption problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Restoring Encrypted Files ... domain administrator account as the EFS recovery agent? ... > encryption attribute on these files. ... (microsoft.public.win2000.security) Re: Restoring Encrypted Files ... > domain administrator account as the EFS recovery agent? ... >> Kevin McGowan ... >> Computer Abilities ... (microsoft.public.win2000.security) Re: NTFS encryption problem ... > I've run into a minor problem with NTFS encryption. ... > the same (active directory based) user account as I used on the previous ... the domain Administrator account is the default EFS recovery agent. ... (microsoft.public.security) Re: adding EFS Recovery agents ... I'm on a Win2K platform. ... You can export that certificate to a .PFX (including the ... > EFS recovery agent key and certificate. ... (microsoft.public.win2000.security) Re: gesperrter Account empfängt keine Emails mehr ... Dafür hast Du einen EFS Recovery Agent in Deiner Domäne. ... > keine Emails annehmen. ... (microsoft.public.de.exchange)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.security  > 2002-10