EFS - how to recover

From: martin (martin_26@optusnet.com.au)
Date: 10/11/02

Next message: Sandy: "Removing Sign On/Password at boot up"
Previous message: Stephanie: "Assigning permissions"
In reply to: Paul: "EFS - how to recover"
Next in thread: Robert Gu [MS]: "Re: EFS - how to recover"
Reply: Robert Gu [MS]: "Re: EFS - how to recover"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "martin" <martin_26@optusnet.com.au>
Date: Fri, 11 Oct 2002 05:09:26 -0700

Hi Paul,

Hopefully you exported the Certificate with associated
Key that corresponded to the encrypted files , because if
u have not then im afraid your data is as good as gone
for good, there are NO backdoors to EFS.

Your right in saying that due to the Recovery Agent being
created after the files were encrypted which is why u r
getting "acess denied" message..

I have read in several postings that if u have created a
image of the volume then maybe u might have access to the
cert's & keys..but to be honest with you i cannot confirm
this as i have never tried it myself.

EFS can be your best friend or your worst enemy

Martin.s

>-----Original Message-----
>I've deleted my domain user account and in the process
>have lost all the files on my local computer (in the
>domain) that had EFS applied. I have gone through the
EFS
>Recovery Agent procedure (as described in MS tech
notes),
>but this doesn't seem to work (I believe because the
>Recovery Agent was set up after the files were
encrypted).
>
>Does anybody have any ideas on how I can recover the
>data? Again - I've tried logging in as domain
>administrator and decrypting the files, but I keep
>getting 'access denied'. The Domain Administrator was
>made a Recovery Agent, but only after the files were
>encrypted and the domain user account deleted.
>
>TIA.
>
>P.
>.
>

Next message: Sandy: "Removing Sign On/Password at boot up"
Previous message: Stephanie: "Assigning permissions"
In reply to: Paul: "EFS - how to recover"
Next in thread: Robert Gu [MS]: "Re: EFS - how to recover"
Reply: Robert Gu [MS]: "Re: EFS - how to recover"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

EFS - how to recover
... I've deleted my domain user account and in the process ... have lost all the files on my local computer (in the ... Recovery Agent was set up after the files were encrypted). ... The Domain Administrator was ...
(microsoft.public.windowsxp.security_admin)
Re: EFS
... > will the domain administrator able to decrypt and view my files even if i ... > encrypt it with EFS? ... environment there is a designated recovery agent who could decrypt the ...
(microsoft.public.windowsxp.help_and_support)
Re: WIN2000 Encrypted Folders & Administrator Profile
... Many thanks for your invaluable help. ... >> you may be able to recover the EFS files. ... >> profile of the user and Recovery Agent for those files. ... without exported private keys to ...
(microsoft.public.win2000.security)
Re: EFS on shared file server
... I need to use EFS on a shared folder of my file server. ... For grant access to many people to the file in folder I have created many EFS Recovery Agent. ... Is possible store the User Certificate for EFS on AD so if one user logon on different computer can always access encrypeted file? ...
(microsoft.public.windows.server.security)
Re: Password question
... This change [versus W2K EFS] was done to improve confidentiality of EFS encrypted ... In W2K a recovery agent was required for EFS while it is not in XP Pro. ... are followed including encrypting only folders and may include the use of cipher /w ... > To avoid such data loss, do not reset a user's password. ...
(microsoft.public.cert.exam.mcse)