Re: file access/permissions problem...
From: Karl Levinson [x y] MVP (levinson_k@excite.com)
Date: 10/21/02
- Next message: Andrew A.: "Re: Pasword expirations"
- Previous message: Daniel Angelucci: "Re: Event Logs"
- In reply to: Greg: "file access/permissions problem..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Karl Levinson [x y] MVP" <levinson_k@excite.com> Date: Mon, 21 Oct 2002 09:12:30 -0400
"Greg" <gregkh@optonline.net> wrote in message
news:8d7c01c278f6$e64d2aa0$3bef2ecf@TKMSFTNGXA10...
> taking ownership of the folder, I tried
> unchecking "Encrypt documents to secure data" and I get an
> error message, "an error occured while applying attributes
> to this file: <gives the pathway> Access is denied." I
If these files were encrypted, see below:
Using any form of file encryption is a good way to lose your files forever,
unless you understand how to use the encryption and take steps BEFOREHAND to
preserve your data. Microsoft's EFS is no exception.
With EFS, you absolutely MUST back up your encryption key, or you risk
losing your data. If your PC will no longer boot into Windows, or you have
formatted the hard drive, or you reinstalled Windows, you will lose your
encryption key and your files will be unreadable, unless you have backed up
your encryption key.
Information on how to use EFS, including how to back up and restore an
encryption key [BEFORE a problem occurs] can be found here:
http://www.microsoft.com/windows2000/techinfo/planning/security/efssteps.asp
- Implementing EFS
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q255742 - Windows
2000
http://microsoft.com/windowsxp/pro/techinfo/administration/recovery/default.
asp - Windows XP
Certain conditions can cause an XP encryption key to no longer decrypt
files, such as if the administrator on a Windows XP computer resets a user's
password. Information on how to try to recover from this event can be found
here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q290260
Information on EFS encryption / decryption methods and recommendations can
be found here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q324897
If you did not back up the encryption key and are having problems, there are
only a few instances where you may be able to recover your files:
1. If the computer is joined to a Windows 2000 / .NET domain, the domain
Administrator account is the default EFS Recovery Agent and might be used to
recover the files. [Other accounts can be added as recovery agents.] In a
Windows 2000 or newer domain, the encryption keys are stored on the server,
so that you may be able to recover the encrypted files EVEN IF Windows has
been reinstalled on the workstation. For more information, try searching
www.google.com and/or www.microsoft.com/support for something like "EFS
recovery-agent" or "EFS recovery-agent windows-2000 recover."
2. If the computer is not joined to a Windows 2000 / .Net domain and Windows
has NOT been reinstalled, the local Administrator account is the default
recovery agent.
Note that if someone has physical access to your computer, and your computer
is not joined to a domain, that person can potentially read your encrypted
files by renaming or otherwise modifying the SAM file to gain access to the
Administrator account. With any Microsoft or non-Microsoft operating
system, there is no security without physical security.
.
- Next message: Andrew A.: "Re: Pasword expirations"
- Previous message: Daniel Angelucci: "Re: Event Logs"
- In reply to: Greg: "file access/permissions problem..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
