Re: Encrypting File System Recovery

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 03/21/04 

Date: Sun, 21 Mar 2004 16:16:18 GMT

If you have reinstalled your operating system that can cause losing the ability to
decrypt the EFS files. You actually had to log on as administrator during the
installation process. Be sure you log on as the built in administrator account which
would be the default recovery agent - not just anyone in the administrators group
will do and be sure that the administrator has full control on that folder and
possibly try the cipher command to decrypt. See the links below for more information
including how to use the efsinfo tool to see who can actually decrypt the files and
who is the recovery agent using the /r switch.

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B243026
http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316

"Roland" <anonymous@discussions.microsoft.com> wrote in message
news:193001c40f43$0245f0a0$3a01280a@phx.gbl...
> Hi,
>
> I have encrypted a folder using MS Encrypting File System
> and then I lost the certificate and the private key so now
> I can't access/open the files in that folder. I have read
> something about that the Admin account on my computer
> should hold a recovery agent that should be able to
> decrypt my files. But when I log on as administrator I
> can't decrypt my files. I also read something that this
> recovery agent is created the first time I log on as a
> Admin but since I haven't logged on as an Admin due to
> that my ordinary user I already a member of the Admin
> group so I haven't had the need to log on as Admin before.
> Could this be the answer to why I can't decrypt/recover my
> files?
> Does anyone know how to solve this problem or are the
> files in my folder "gone" forever.
>
> /Roland
>

Relevant Pages

  • Re: Encrypting File System Recovery
    ... created a new recovery agent for the administrator account ... which doesn't have the ability to decrypt my files for the ... >> Admin but since I haven't logged on as an Admin due to ...
    (microsoft.public.win2000.security)
  • Re: cant recover encrypted files on efs
    ... A recovery agent cannot decrypt an EFS file until ... into foo's certificates. ... I log in as Admin and import foo's .cer to the Trusted ... I log in as "foo" and try to decrypt the file that was ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Event ID 6032
    ... So are these files actually on the SBS box, or on the workstation? ... The Recovery Agent does not need ownership, but it has to be the ... Administrator account by default, but it would not have to be. ... decrypt the files by reversing the process in which you encrypted them. ...
    (microsoft.public.windows.server.sbs)
  • Re: DRA is Decrypting Files when it shouldnt be!!!
    ... creating the RA with the administrator account. ... > RA for that file and you will see that "Administrator is the RA. ... >> RA though I rebooted the computer after encrypting the files and before ... >>> EFS is allowing the RA to decrypt 200 files that were encrypted BEFORE ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Recover EFS Files
    ... user and administrator. ... You're correct about the local admin 'should' be able to decrypt the ... >> ComputerName\UserName (OU=EFS File Encryption ... >> Your current EFS certificate thumbnail information on the ...
    (microsoft.public.win2000.security)