Re: EFS, certificates etc
From: L Smith (lsmith.mail@btinternet.com)
Date: 10/14/02
- Next message: Antique: "Re: Windows XP SP1 BUG?"
- Previous message: TED RONEY: "HOAX TO DELE JAVA MGR Jbdgmtr.exe"
- In reply to: Jupiter Jones: "Re: EFS, certificates etc"
- Next in thread: Robert Gu [MS]: "Re: EFS, certificates etc"
- Reply: Robert Gu [MS]: "Re: EFS, certificates etc"
- Reply: martin: "Re: EFS, certificates etc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "L Smith" <lsmith.mail@btinternet.com> Date: Mon, 14 Oct 2002 16:57:12 +0100
OK
I backed up system state (in case of disasters!) then created a certificate
for the Admin account, which I have designated as the data recovery agent.
I created an encrypted file for a user. The user can decrypt it, but the
data recovery agent cannot. The file properties show the admin account as
being the designated recover agent, but when the admin account tries to
access it, or change the file properties, I get an 'access denied' message.
Both the admin and users account certificates are in the console
root\certificates (local computer)\trusted certificate\certificates store.
I haven't tried exporting keys or certificates, but am obviously missing
something here.
Any ideas anyone as to why this isn't working?
Thanks
LS
"Jupiter Jones" <jones_jupiter@hotnomail.com> wrote in message
news:#NovJC1cCHA.1652@tkmsftngp11...
> Read and understand this document before using Encryption:
> http://www.microsoft.com/windowsxp/pro/techinfo/administration/recover
> y/default.asp
> Play around with duplicate or unimportant files using all scenarios to
> assist you in full understanding of EFS.
> A few times a week someone comes here for help unencryption files and
> there is often no help.
> As you are learning, EFS is real good at what it does and there is no
> back door.
>
> --
> Jupiter Jones
> Please respond to newsgroup only.
> Everyone can benefit from the message.
>
>
> "L Smith" <lsmith.mail@btinternet.com> wrote in message
> news:e$VLI80cCHA.1540@tkmsftngp10...
> > Hi
> >
> > Newbie here - at least to EFS.
> >
> > I am running XP Pro on a stand alone PC and trying to get to grips
> with data
> > encryption.
> >
> > I understand that once encrypted, if you lose the associated key, it
> is
> > impossible to recover encrypted data. I have searched the Help
> files and
> > the newsgroup and found much about exporting certificates and
> creating data
> > recovery agents.
> >
> > As far as I can see, once I create a certificate for the
> administrator
> > account, I can designate that account as the data recovery agent and
> can
> > then use that account to recover any encrypted files on the PC. If
> I export
> > the certificate to a floppy disk, at a later date I can import it
> after a
> > fresh install and recover encrypted files from a back up. This is
> exactly
> > what I want, as I would not like to lose my data, but presumably the
> floppy
> > then creates a security risk.
> >
> > However, I cannot find out how to do the first step, which is create
> the
> > certificate. Unless I can do that, I am reluctant to encrypt the
> data.
> >
> > Can anyone point me in the right direction, please.
> >
> > Thanks
> >
> > LS
> > _________________________________________________________
> >
> > This message was checked by Norton Anti Virus 2002 before sending
>
>
- Next message: Antique: "Re: Windows XP SP1 BUG?"
- Previous message: TED RONEY: "HOAX TO DELE JAVA MGR Jbdgmtr.exe"
- In reply to: Jupiter Jones: "Re: EFS, certificates etc"
- Next in thread: Robert Gu [MS]: "Re: EFS, certificates etc"
- Reply: Robert Gu [MS]: "Re: EFS, certificates etc"
- Reply: martin: "Re: EFS, certificates etc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
