EFS experiment - need help

From: Earl Lewis (brassono_spam@mybizz.net)
Date: 09/24/02 

From: Earl Lewis <brassono_spam@mybizz.net>
Date: Tue, 24 Sep 2002 00:42:56 GMT

References:
http://www.microsoft.com/WINDOWSXP/pro/techinfo/administration/recovery/default.asp
henceforth to be known as: 'the .doc'

http://groups.google.com/groups?q=efs+precautions&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=e4ULNIDWCHA.1704%40tkmsftngp10&rnum=1rs. One is _TestEncrypted, other is _TestUnencrypted.
htbka: 'per Roger G'

My computer is a stand-alone (only a peer-to-peer network).
2 EFS test folders. One is _TestEncrypted, other is _TestUnencrypted.
Duplicate files each folder, _TestUnencrypted is for restore when I
make a mistake.

Log on as Administrator

[page 5 the .doc]
cd \Documents and Settings\Administrator\Start
Menu\Programs\Administrative Tools
(wups, they must have forgot to put that in the .doc)
CIPHER /R:CIPHADMI
a .pfx and a .cer are created.
Rclick on each file and Install them in Personal (wups, they forgot to
put that in the .doc)

Open CIPHADMI.CER, thumbprint is cb e9..…

[page 18 the .doc] - look at the certificates with mmc.
follow instructions, see 2 certificates in Personal Certificates. In
the Purpose column, one says File Recovery, the other Encryption File
System.
Rclick, Open File Recovery certificate, thumbprint is cb e9..…
Therefore this is the .CER
Rclick, Open Encryption File System certificate, thumbprint is 3a 2b..
this is the .PFX

[per Roger G]
efsinfo /y - yields a thumbprint of 3a 2b…..

encrypt _TestEncrypted folder and files successfully.

[per Roger G]
cipher /u
efsinfo /u /r /c k:\_TestEncrypted
yields a thumbprint of 3a 2b..…

[page 41 the .doc]
Registry certificate hash is 3a 2b..…

Log off Administrator
Log on as Earl
Earl can't decript _TestEncrypt

[page 41 the .doc]
Registry certificate hash is 96 bb…..

[page 22 the .doc] - importing keys
import CIPHADMI.CER to Earl's Personal Certificate - see it with mmc.
import CIPHADMI.PFX to Earl's Personal Certificate - well not really.
     The wizard says the import was successful but it doesn't show up
when looking at it with mmc.

My question: how do I import that Administrator PFX so that Earl can
use it to crypt and decrypt? Or, what else am I doing wrong?

Earl

Remove no_spam to reply email

Relevant Pages

  • Re: EFS Nightmare
    ... Thanks for the tip, Roger. ... that I cannot open does not match the thumbprint on the ... certificate exported and deleted off of the pc. ... >> encryption, and that I should be able to import the key ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Encrypted files -- would this work to get them back?
    ... If it were a Public Key, then why would it only appear in MY Keys ... folder within Application Data? ... In Public Key encryption, ... I was able to restore my old certificate and key but I'm stuck ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Error: 0x80090016
    ... the certificate may want to install to a profile path. ... C:\Documents and Settings\All Users\Application Data folder is a hidden ...
    (microsoft.public.windowsxp.general)
  • Re: Problem with digital certificate
    ... Once moved to the Trusted Root folder that red cross should disappear. ... the certificate shows up both in Personal ... Now open Excel and your workbook. ... VBA project could not be signed. ...
    (microsoft.public.excel.misc)
  • EFS data recovery - handholding needed
    ... in taking ownership of files in winxp ... >local admin is supposed to have access to encrypted files ... >with the use of a default certificate. ... >>encrypted folder under my a/c that has admin rights. ...
    (microsoft.public.windowsxp.security_admin)