Re: recover EFS files from old PC

my AD account is a DRA, but I am unable toget baack into this guys files.
his laptop OS died, we removed the HDD and slaved it into a domained PC. we
can see the files but when i try to open them it says i have insufficient
permissions.

I did not import a key, i thought it was transparent.

After reading some of the links Shenan provided i am concerned. I am not
100% sure which was our first DC, and the original administrator has been
renamed. in the EFS DRA list in AD is shows my account and administrator as
the 2 DRA's. my renamed version of administrator is not listed.

"Roger Abell [MVP]" wrote:

How is it that use of the recovery agent (DRA) is failing ?
Where is it that you are trying to use the DRA? Are you
sure the DRA key is imported on that machine ?


"=pathfinder=" <pathfinder@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:79FB55A7-0C42-4BF0-BE1C-B61E9A1B5891@xxxxxxxxxxxxxxxx
I have a similar issue, the files were encrypted with a domain based CA, OS
(XP SP2) got corrupted and now when we try to open/copy/decrypt the files
we
get a no access error. I am an efs recovery admin but that does not help.

"never exported your key/cert " - explain how please.


"Shenan Stanley" wrote:

IIA wrote:
Motherboard of my old notebook died... i am trying to move my files
from the old hard drive to the new PC, but cant copy any of the
folders/files from my old Documents and Settings folder. I remember
they were all made private and encrypted. How can i get access to
these files ?

Were they actually "encrypted"?
If so - and if you never exported your key/cert - *poof* - they're likely
gone.

Although - my bet is you are getting "access denied" messages and perhaps
used the incorrect terminology.

How to Take Ownership of a File or Folder in Windows XP
http://support.microsoft.com/kb/308421

How to disable simplified sharing & set permissions
on a shared folder in Windows XP
http://support.microsoft.com/kb/307874

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html






.

Relevant Pages

  • Re: making administrator account the DRA in XP Profession
    ... >> account. ... >>>be the DRA, not the local Administrator. ... >> Here is some info from MS on "adding a recovery agent to a local ...
    (microsoft.public.windowsxp.security_admin)
  • RE: DRA doesnt want to work - but why?
    ... full right to the folder but still got "access denied" error. ... Does the thumbprint of the DRA's certificate match the thumbprint of the ... > DRA listed in the encrypted files' properties (on the Encryption Details ...
    (microsoft.public.windowsxp.security_admin)
  • Re: recover EFS files from old PC
    ... How is it that use of the recovery agent (DRA) is failing? ... How to Take Ownership of a File or Folder in Windows XP ...
    (microsoft.public.security)
  • Re: recover EFS files from old PC
    ... DRA info. ... renamed domain admin account. ... lack of NTFS permissions, so make sure account has permissions ... How to Take Ownership of a File or Folder in Windows XP ...
    (microsoft.public.security)
  • Re: EFS Recovery
    ... No domain + No DRA means you must have the cert/key ... of the encrypting account. ... and I need to retrieve the folder. ...
    (microsoft.public.windowsxp.security_admin)