Re: How do I recover encrypted files

From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 10 Mar 2006 19:14:45 -0600

Use efsinfo support tool to find out what users and Recovery Agents [if any]
show as having access to the EFS files and the corresponding certificate
thumbprints. If you use a RA then that may be the best approach to recover
the files. The EFS files would either need to be backed up and restored to
the computer that contains the RA certificate/private key or the RA would
need to logon to the computer where the EFS files are located and import his
RA certificate/private key from a password protected .pfx file into his user
account to decrypt the files. The links below may be helpful. If there is
no EFS private key available from user/RA then those EFS files will not be
recoverable. The user's/RA EFS private key lives in the user's profile, can
be exported for backup, and may be restored if you use PKI that archives
user's private keys for EFS certificates. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
http://www.microsoft.com/technet/prodtechnol/winxppro/support/dataprot.mspx

"mark olczyk" <molczyk@xxxxxxxxx> wrote in message
news:OB4mc5FRGHA.1096@xxxxxxxxxxxxxxxxxxxxxxx

One of my users have encrypt all of his data (1 year ago) that was stored
in
the folder on one of our 2003 Servers, now for some reason he can not
access
his files (access denied) I try to take over the ownership of the folder
with my administrator account to no avail, please help.

How do I recover the files, I need to have an access to it, what is the
best
or quickest method, are they any articles in knowledge base that will give
me step by step direction,

Thanks

References:
- How do I recover encrypted files
  - From: mark olczyk

Prev by Date: Re: SAMR Communication between Client and Server
Next by Date: Re: Restricting Authentication
Previous by thread: How do I recover encrypted files
Next by thread: CA Problems
Index(es):
- Date
- Thread

Relevant Pages

Re: how to recover the private key if user account is removed
... At his point of your setup, there is no conventional way to recover the ... > thx Steve ... > then how to recover the private key? ... >>may be able to recover the EFS files using the private ...
(microsoft.public.win2000.security)
Re: Certificates, Keys, Mobile Users, Intended Usage
... One thing to consider would be to define a Recovery Agent for the domain as ... The RA is computer policy and would apply to EFS files for domain and local ... users password to gain access to the EFS files if the user's EFS private key ... > mobile user always logon using his cached domain credentials so that the ...
(microsoft.public.win2000.security)
Re: DRA is Decrypting Files when it shouldnt be!!!
... is created before a Windows XP DRA is setup), ... Logon as the user that encrypted the file so that the user's private key ... > As I mentioned previously it is possible for an RA to decrypt files older ... > RA in the EFS files properties until I logon as that user with the EFS ...
(microsoft.public.windowsxp.security_admin)
Re: DRA is Decrypting Files when it shouldnt be!!!
... Once access to the EFS file is allowed by the user's EFS private key then ... the RA is added and the RA's public key is also used to encrypt a copy of ... the FEK that can decrypt the EFS file. ... >> RA in the EFS files properties until I logon as that user with the EFS ...
(microsoft.public.windowsxp.security_admin)
Re: EFS - Encryption and User Migration
... in a situation that they can recover their EFS files. ... will at least let them know if EFS private keys are found so that they do ... The user's password protects the EFS private ...
(microsoft.public.windows.server.general)