Re: Ruined Domains and EFS recovery
From: Steven Umbach (n9rou_at_comcast.com)
Date: 09/08/03
- Next message: Steven Liu [MSFT]: "RE: USB Drives"
- Previous message: Bex: ""System" - Why is it listening on port 1025?"
- In reply to: myrt webb: "Ruined Domains and EFS recovery"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 08 Sep 2003 02:08:50 GMT
Users should still be able to decrypt their files with their own EFS key,
however to answer your question - yes a Recovery Agent or a user can and should
export their certificate AND private key to a place of safe keeping. When you
export your private key, you are also given the option to password protect the
file. See links below. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
http://support.microsoft.com/default.aspx?scid=kb;EN-US;241201
"myrt webb" <myrtwebb@centurytel.net> wrote in message
news:392901c3758e$e3cc03b0$a001280a@phx.gbl...
> A recent post talked about how someone's domain controller
> was ruined by a virus and they had to reformat and
> reinstall which of means that the old domain is gone.
> Apparently a full backup was not available.
>
> Problem occurs with users who have encrypted files on the
> defunct DC and now cannot get to their encrypted files
> because the old domain does not exist.
>
> As a preventative can a recovery agent place their EFS
> recovery certificate on a disk and store it someplace.
> Then use that disk to import the certificate and open the
> encypted files that have been restored to a seperate
> computer?
>
> Is there a better way to do it?(other than full backups of
> DC's)
>
> Interesting problem.
- Next message: Steven Liu [MSFT]: "RE: USB Drives"
- Previous message: Bex: ""System" - Why is it listening on port 1025?"
- In reply to: myrt webb: "Ruined Domains and EFS recovery"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
