Re: Cannot get EFS recovery agent function to work!

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 04/01/05


Date: Thu, 31 Mar 2005 21:24:29 -0600

Glad you got it to work but the EFS private key that was used to encrypt the
files must have been available - possibly from a restore of the user's
profile from a backup?? --- Steve

"kgstrong" <kgstrong@hotmail.com> wrote in message
news:OR2jjGmMFHA.3336@TK2MSFTNGP09.phx.gbl...
>I did reinstall Win2k from scratch a while back; then restored the rest of
>my files from a backup. The certificate that the files were encrypted with
>no longer exists on my system.
>
> However, I was able to decrypt the files using a program called Advanced
> EFS Data Recovery ($99) from elcomsoft.com. All-in-all an expensive
> lesson in what NOT to do.
>
> Thanks for the help.
> Ken Strong
>
>
> Steven L Umbach wrote:
>> Yes the thumbprints need to match for either the user or Recovery Agent.
>> If you have a stand alone computer and the RA is the built in
>> administrator account [which it would be by default] then logon as that
>> account and try to decrypt the files. The utility efsinfo can display
>> information on the recovery agent. You can use the certificates mmc
>> snapin for user to view certificate information and the certificate will
>> need to show that it has the matching private key for the certificate. If
>> you reinstalled the operating system [other than an upgrade install] at
>> some point the original user and RA certificate/private key would have
>> been destroyed. The EFS certificate and private key for a user/RA are
>> stored in the user's/RA's profile folder. --- Steve
>>
>> http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316 --- EFS
>> best practices
>>
>> "kgstrong" <kgstrong@hotmail.com> wrote in message
>> news:OnbX28sLFHA.2988@TK2MSFTNGP14.phx.gbl...
>>
>>>I'm new to Windows 2000, running Win2k Pro on a stand-alone machine. I
>>>encrypted some files before I knew anything about EFS - now a program
>>>that uses some of the files cannot access them. The files were encrypted
>>>under my "power user" account. The certificate that Win2k used to
>>>encrypt them is enabled for "All Purposes" including Encrypted File
>>>System, and File Recovery. As Administrator, I cannot import this
>>>certificate for the Recovery Agent - says it is not enabled for file
>>>recovery.
>>>
>>>My Recovery Agent certificate (issued by Administrator to Administrator)
>>>has a different thumbprint and is for File Recovery only.
>>>
>>>Does EFS recovery agent's certificate thumbprint have to match the
>>>certificate the files were encrypted with in order to recover these
>>>files?
>>>
>>>Ken
>>
>>
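Steve's point is that the thumbprints stored in a file's EFS metadata (the user entries and the recovery agent entries) must correspond to a certificate for which the private key is actually present on the machine; a certificate with the right thumbprint but no private key, or a freshly issued RA certificate with a different thumbprint, cannot decrypt anything. The following PowerShell script is an added example and is not part of the thread. It assumes a version of Windows whose cipher.exe supports /C (Windows XP SP2 and later; the Windows 2000 cipher discussed here lacks it, hence the reference to efsinfo), and it assumes the /C output prints each thumbprint on a line beginning "Certificate thumbprint:" with the hex digits grouped by spaces, which is what the parser relies on. The EKU OIDs for Encrypting File System and File Recovery are the documented Microsoft values.

```powershell
# Added example (not from the original thread): for each encrypted file, read
# the certificate thumbprints recorded in its EFS metadata and check whether a
# certificate with that thumbprint AND a private key exists in the user's or
# machine's personal store. This is the check Steve describes in prose.
#
# Assumptions (not from the original post):
#  - cipher.exe supports /C (Windows XP SP2 and later, not Windows 2000).
#  - /C prints "Users who can decrypt:" and "Recovery Certificates:" section
#    headers and one "Certificate thumbprint: XXXX XXXX ..." line per entry.

$EfsEku          = '1.3.6.1.4.1.311.10.3.4'    # Encrypting File System
$FileRecoveryEku = '1.3.6.1.4.1.311.10.3.4.1'  # File Recovery (recovery agent)

function Get-EfsThumbprints {
    param([Parameter(Mandatory)][string]$Path)
    $out = & cipher.exe /C $Path 2>&1
    $section = $null
    foreach ($line in $out) {
        if ($line -match 'Users who can decrypt') { $section = 'User';     continue }
        if ($line -match 'Recovery Certificates') { $section = 'Recovery'; continue }
        if ($line -match 'Certificate thumbprint:\s*(.+)$') {
            # Normalise "B6AF 3D7A ..." to "B6AF3D7A..." for comparison.
            [pscustomobject]@{
                Role       = $section
                Thumbprint = ($Matches[1] -replace '\s', '').ToUpperInvariant()
            }
        }
    }
}

function Find-CertificateForThumbprint {
    param([Parameter(Mandatory)][string]$Thumbprint)
    # User EFS certs live in CurrentUser\My; DRA certs are usually there too
    # (or in LocalMachine\My when provisioned by an administrator).
    foreach ($store in 'Cert:\CurrentUser\My', 'Cert:\LocalMachine\My') {
        $cert = Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
                Where-Object { $_.Thumbprint -eq $Thumbprint }
        if ($cert) {
            $ekus = @($cert.Extensions |
                Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
                ForEach-Object { $_.EnhancedKeyUsages } |
                ForEach-Object { $_.Value })
            return [pscustomobject]@{
                Store          = $store
                HasPrivateKey  = $cert.HasPrivateKey
                IsEfsCert      = ($ekus -contains $EfsEku)
                IsRecoveryCert = ($ekus -contains $FileRecoveryEku)
            }
        }
    }
    return $null
}

function Test-EfsRecoverable {
    param([Parameter(Mandatory)][string]$Path)
    foreach ($entry in Get-EfsThumbprints -Path $Path) {
        $match  = Find-CertificateForThumbprint -Thumbprint $entry.Thumbprint
        $hasKey = $false
        if ($match) { $hasKey = [bool]$match.HasPrivateKey }
        [pscustomobject]@{
            File          = $Path
            Role          = $entry.Role
            Thumbprint    = $entry.Thumbprint
            CertFound     = [bool]$match
            HasPrivateKey = $hasKey
            # Decryption is only possible when the private key is present.
            CanDecrypt    = $hasKey
        }
    }
}

# Usage: point it at the directory holding the files the program cannot open.
Get-ChildItem 'C:\data\*' -File |
    Where-Object { $_.Attributes -band [IO.FileAttributes]::Encrypted } |
    ForEach-Object { Test-EfsRecoverable -Path $_.FullName } |
    Format-Table -AutoSize
```

Run it as the account that encrypted the files and again as the recovery agent account; if every row shows CertFound as False, or HasPrivateKey as False, the keys were lost with the profile (for example by a clean reinstall) and no certificate issued afterwards can recover the data, which is the situation described in the thread.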
