Re: Why I can't access my own files?

From: Steven L Umbach (sumbach_at_ameritech.net)
Date: 07/01/03


Date: Tue, 01 Jul 2003 13:56:57 GMT


    I know this has been an ongoing issue for Tony, but I never heard
confirmation that some files were encrypted. A user, however, cannot copy an
encrypted file that he does not have the EFS private key for. He might be
able to use backup and restore operation to move the file to a place where a
recovery agent may be able to decrypt it. Or if he can get the recovery
agent to log onto his computer and import his recovery agent key into that
computer, then the recovery agent may be able to decrypt those files. The
recovery agent for a domain by default is the original administrator account
on the first domain controller, but that may have been changed. The efsinfo
utility will display who can decrypt a file/folder. See KB links for more
info. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B255742
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B242296
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B243026

"Robert Michon" <rob_michon@hotmail.com> wrote in message
news:u10oOa8PDHA.2244@TK2MSFTNGP11.phx.gbl...
> Ok. There are a couple of ways you may be able to get around this. But
> let's explain a little first so you understand what is happening.
>
> In the NTFS file system there is extra security and encryption information
> saved with each file, this information determines who is allowed to access
> the file. The OS generates a SID (Security Identifier) for each user, that
> SID is what is used to determine who can access and unencrypt a file, not
> the name. So when you installed XP and are logging in as "administrator"
> the OS "administrator" SID doesn't match the SID for "administrator"
> associated with the file, and therefore you are being denied access to the
> files.
>
> First try to copy the files to a network share and have a Domain Admin take
> ownership and try to open/unencrypt them.
>
> Second (a little more involved), somehow get the files copied to a FAT32
> formatted drive, copying them to that drive may strip the
> encryption/security information and allow you to access the files.
>
> Good Luck!
>
> --
> Bob Michon
> Associate Expert
> Expert Zone---http://microsoft.com/windowsxp/expertzone/default.asp
> ___
> "Tony" <sshhtt@hotmail.com> wrote in message
> news:05c201c33f94$75493eb0$a501280a@phx.gbl...
> > Hi,
> > Thank you for your immediate reply.
> >
> > I have taken ownership, but I can't access them.
> > Cipher command shows the files are encrypted.
> > My system is NTFS, and in a domain.
> > I have been using the same account as an administrator
> > of my PC.
> > Very strangely, in the same folder, some files can be
> > accessed, some can not be accessed. If the top folder has
> > been encrypted (EFS), why not all the files in the folder
> > encrypted?
> >
> > Hope your reply, thanks!
> >
> >
> > >-----Original Message-----
> > >Windows is behaving exactly the way it is designed and it is happening
> > >because of security provided by the NTFS file system.
> > >
> > >Take ownership of the files you cannot access and you should be all set.
> > >This KB article explains everything you need to do so.
> > >
> > >http://support.microsoft.com/default.aspx?scid=kb;en-us;308421
> > >
> > >--
> > >Bob Michon
> > >Associate Expert
> > >Expert Zone---http://microsoft.com/windowsxp/expertzone/default.asp
> > >___
> > >"Tony" <sshhtt@hotmail.com> wrote in message
> > >news:06f001c33f76$7646fb40$a101280a@phx.gbl...
> > >> Hi,
> > >>
> > >> I met a very irritating problem: I transfer all my
> > >> files from my C drive to D drive under a win2000 system,
> > >> then I formatted the C drive and installed a XPpro
> > >> system. However, when I open the D drive, very
> > >> surprisingly, I can't open some files because of "Access
> > >> denied". I tried to take the ownership and gave all
> > >> permissions to them, but useless. Someone told me that is
> > >> caused by EFS. I can't restore the files forever! Most of
> > >> the files were once in my desktop under win2000 OS. One
> > >> thing I don't understand is why some files in this folder
> > >> readable while others not accessible?
> > >> My PC is in a domain, and I logged in my PC with the
> > >> same account all the time as an administrator.
> > >>
> > >> Can anyone help me? Thanks!
>
>
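Added example, not part of the original thread: a PowerShell sketch that lists the EFS-encrypted files under a folder and, for each, checks whether the logged-on profile still holds a private key named in that file's decryptor list. It assumes PowerShell 3.0 or later and a Windows version whose cipher.exe supports the /c switch (the thread-era equivalent is the efsinfo utility mentioned above); the D:\ default is only an assumed root.

```powershell
# Added example: which encrypted files under $Root can this profile decrypt?
param([string]$Root = 'D:\')   # assumed root folder; adjust as needed

$efsOid = '1.3.6.1.4.1.311.10.3.4'   # Encrypting File System enhanced key usage

# Thumbprints of EFS certificates in this profile that still have a private key.
# After a reinstall this list is normally empty unless the old key was imported.
$myKeys = @(Get-ChildItem Cert:\CurrentUser\My |
    Where-Object { $_.HasPrivateKey -and
                   ($_.EnhancedKeyUsageList.ObjectId -contains $efsOid) } |
    ForEach-Object { $_.Thumbprint })

# EFS is a per-file attribute, so one folder can hold encrypted and plain files.
$files = Get-ChildItem -LiteralPath $Root -Recurse -Force -File -ErrorAction SilentlyContinue |
    Where-Object { $_.Attributes -band [System.IO.FileAttributes]::Encrypted }

$report = @(foreach ($f in $files) {
    # cipher /c prints the users and recovery certificates able to decrypt the file.
    $raw  = (& cipher.exe /c $f.FullName 2>&1 | Out-String)
    # Remove whitespace so a thumbprint printed in spaced groups still matches.
    $flat = $raw -replace '\s', ''
    $hit  = $myKeys | Where-Object { $flat -like "*$_*" }
    [pscustomobject]@{
        Path          = $f.FullName
        HaveKey       = [bool]$hit
        CipherDetails = $raw.Trim()
    }
})

# Files without a matching key are listed first; these need the original user
# key or a recovery agent's key.
$report | Sort-Object HaveKey | Format-List Path, HaveKey, CipherDetails

$total   = $report.Count
$missing = @($report | Where-Object { -not $_.HaveKey }).Count
"{0} encrypted file(s); {1} with no matching private key in this profile." -f $total, $missing
```

Files reported with HaveKey = False are the ones that stay "Access denied" whatever the NTFS ownership or permissions, because the content is encrypted to a key this profile does not hold.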


