Re: Cannot get EFS recovery agent function to work!

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 04/13/05

Next message: Steven L Umbach: "Re: Audit code meaning"
Previous message: Steven L Umbach: "Re: Authenticate on multi domain"
In reply to: cuppachino: "Re: Cannot get EFS recovery agent function to work!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 12 Apr 2005 22:40:22 -0500

The user profile is where the EFS private key is stored and thus your EFS
private key is gone. If you have backed the EFS private key to a .pfx file
then you could try to import it back into the user profile while logged on
as that user and try to decrypt the files. For Windows 2000 a Recovery Agent
is required which would be the built in administrator account for a non
domain computer and possibly "the" domain administrator account for the
domain. The Efsinfo utility will show if and who the RA is for an EFS file
and thumprint info. --- Steve

"cuppachino" <cuppachino.1neeu2@mail.mcse.ms> wrote in message
news:cuppachino.1neeu2@mail.mcse.ms...
>
> Can someone please confirm that as long as I know the password for the
> user account which encrypted the files, I will be able decrypt them?
>
> I have lost the user profile (temp files, application data, local
> settings, etc.) but I have NOT forgotten the password, and I'm able to
> log in. However, I'm now unable to decrypt the EFS data files.
>
> Any suggestions will be appreciated.
>
>
>
> --
> cuppachino
> ------------------------------------------------------------------------
> Posted via http://www.mcse.ms
> ------------------------------------------------------------------------
> View this thread: http://www.mcse.ms/message1504209.html
>

Next message: Steven L Umbach: "Re: Audit code meaning"
Previous message: Steven L Umbach: "Re: Authenticate on multi domain"
In reply to: cuppachino: "Re: Cannot get EFS recovery agent function to work!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: HELP
... protected .pfx. ... 3- you have the EFS private key for the Recovery agent in a .pfx ... 5- No i Do not have at all Copy from the user Profile At all, ...
(microsoft.public.windows.group_policy)
Re: CANNOT EFS DECRYPT AFTER A GHOST RESTORE
... There would not be a .pfx file unless you took the effort to create one at ... some point in time by exporting your EFS private key at which time you would ... the user profile probably because of performance and security reasons and it ... shareware data recovery tools ...
(microsoft.public.windowsxp.security_admin)
Re: EFS for the entire user profile
... It is not possible because the user profile contains the EFS private key in ... folders that have data that you want to secure such as my documents folder. ... Is is possible/advisable to encrypt the entire user profile for a logged ...
(microsoft.public.win2000.security)
Re: EFS for the entire user profile
... Mike Ober. ... It is not possible because the user profile contains the EFS private key ... administrator account password that is by default the RA and then can ...
(microsoft.public.win2000.security)
Re: HELP
... users private key you would need to have a backed up copy from the old operating ... A Recovery Agent would need to have been ... > 3- you have the EFS private key for the Recovery agent in a .pfx ... >>> MESSSGAE AND ITS UNABLE TO REMOVE THE ENCRYPTION AND DISPLAY ACCESS ...
(microsoft.public.windows.group_policy)