Re: How to decrypt EFS-protected restored files?
From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 05/09/04
- Next message: Holly: "Sadie-Shenan"
- Previous message: Karl Levinson [x y] mvp: "Re: rear tear"
- In reply to: *Vanguard*: "How to decrypt EFS-protected restored files?"
- Next in thread: Steven L Umbach: "Re: How to decrypt EFS-protected restored files?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 9 May 2004 07:57:17 -0400
See if these help you:
http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx
www.microsoft.com/technet/prodtechnol/winxppro/reskit/prnb_efs_ijvx.asp
www.microsoft.com/technet/columns/security/5min/5min-401.asp
http://support.microsoft.com/?kbid=324897#13
http://securityadmin.info/faq.asp#efs
Searching www.google.com and/or www.microsoft.com/support for EFS recovery
agent might help you find more articles if the ones above didn't help you.
"*Vanguard*" <no-email@reply-to-newsgroup.invalid> wrote in message
news:%23umEPsJNEHA.3988@TK2MSFTNGP09.phx.gbl...
> I had a directory configured to use EFS (so anything put under it got
> encrypted). I export my EFS certificate to a floppy. My system crashed
and
> a disk image wouldn't work (because of changes in the hardware). However,
I
> could still use the ImageExplorer that comes with DriveImage to peruse the
> contents of the image files to extract files out of them. So I've tried
the
> following:
>
> - Extracted the files from disk image. Cannot view them because of the
EFS
> protection. Imported the EFS certificate used when the files got
encrypted.
> It was imported under the Personal store for certificates. Could not open
> the files.
>
> - Deleted the EFS certificate and re-imported it but this time left the
> option selected to have Windows XP automatically determine under which
> certificate store to place the certificate. It imported it to the Trusted
> People certificate store. Still couldn't access the encrypted files.
>
> - Figuring that EFS had not yet been implemented on my new install and
that
> maybe the imported EFS certificate would not get exercised until EFS was
> used, I right-clicked on a folder and had it encrypted. Then I copied the
> files to under this directory figuring that the certificate might also
have
> to be imported before moving the files into an EFS-protected directory.
> Still cannot access the file contents.
>
> I've read several KB articles and the included help but it really never
> describes the steps in restoring EFS-protected files, the order of
importing
> the EFS certificate (before or after the files have been restored to the
new
> instance of Windows), or if importing the EFS certificate after restoring
> the files (or before) would allow access to them (or if I also need to
> actually implement EFS to have it utilize the imported certificate). I
see
> mention of how use EFS, export certificates, manage them, import them, and
> some vague inferences in using them against encrypted files but no real
> instructions. After a few hours, I've exhausted what I could come up for
a
> procedure to decrypt these files. Any ideas?
>
>
> --
> ____________________________________________________________
> *** Post replies to newsgroup. Share with others.
> *** Email: domain = ".com" and append "=NEWS=" to Subject.
> ____________________________________________________________
>
- Next message: Holly: "Sadie-Shenan"
- Previous message: Karl Levinson [x y] mvp: "Re: rear tear"
- In reply to: *Vanguard*: "How to decrypt EFS-protected restored files?"
- Next in thread: Steven L Umbach: "Re: How to decrypt EFS-protected restored files?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
