RE: Unable to access encrypted files after changing password on NT Domain (SP1)

From: Steven Liu (stevenl@online.microsoft.com)
Date: 12/02/02


From: stevenl@online.microsoft.com (Steven Liu)
Date: Mon, 02 Dec 2002 07:35:21 GMT


--------------------
| From: "Peter Copeland" <pwsc@sympatico.ca>
| Newsgroups: microsoft.public.windowsxp.security_admin
| Subject: Unable to access encrypted files after changing password on NT Domain (SP1)
| Date: Thu, 28 Nov 2002 14:43:30 -0500
|
| Hi,
|
| I have a problem similar to that described in Microsoft KB Q316994. Despite
| the article's comment that this problem was fixed in SP1, I continue to have
| difficulties. After a user changes their NT domain password, all encrypted
| files on their system become inaccessible on the next logon. This renders
| the encryption features of XP rather useless in our environment.
|
| Has anyone else continued to experience this problem post-SP1? Is there a
| solution?
|
| Thanks,
|
| Peter
|
|
|

Hi Peter,

There are several workarounds available.

- Change the user's password to the value from which it was reset.

- Use a Password Recovery Disk.

- XP Service Pack 1: To enable DPAPI behavior similar to that of Windows
2000, add the following registry entry.

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Protect\Providers\df9d8cd0-1501-11d1-8c7a-00c04fc297eb
                Name: MasterKeyLegacyCompliance
                Type: REG_DWORD
                Value: 00000001

NOTE: Setting this registry entry weakens the security of DPAPI protected
data.

Thanks for using Microsoft News Group!

Sincerely,

Steven Liu

Online Support Professional

stevenl@online.microsoft.com

This posting is provided "AS IS" with no warranties, and confers no
rights.
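
Added example (not part of the original post and not Microsoft's code): a read-only PowerShell check that reports whether the MasterKeyLegacyCompliance value described in the reply above is set on a machine, for finding hosts where the workaround left DPAPI in its weakened mode. The function name Get-DpapiLegacyCompliance is hypothetical, and treating only a REG_DWORD of 1 as "enabled" is an assumption based on the value given in the post.

```powershell
# Added example: audits the DPAPI legacy-compliance registry value.
# Read-only; it does not create, change, or delete anything.
$ProviderKey = 'HKLM:\SOFTWARE\Microsoft\Cryptography\Protect\Providers\df9d8cd0-1501-11d1-8c7a-00c04fc297eb'
$ValueName   = 'MasterKeyLegacyCompliance'

function Get-DpapiLegacyCompliance {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [string]$Path = $ProviderKey,
        [string]$Name = $ValueName
    )

    $result = [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        KeyPresent    = $false
        ValuePresent  = $false
        ValueKind     = $null
        Value         = $null
        LegacyEnabled = $false
    }

    # Provider key missing: nothing to report beyond the defaults.
    if (-not (Test-Path -LiteralPath $Path)) { return $result }
    $result.KeyPresent = $true

    # Value names are matched case-insensitively, as the registry does.
    $key = Get-Item -LiteralPath $Path
    if ($key.GetValueNames() -notcontains $Name) { return $result }

    $result.ValuePresent = $true
    $result.ValueKind    = $key.GetValueKind($Name)
    $result.Value        = $key.GetValue($Name)

    # Assumption: only the REG_DWORD value 1 from the post counts as enabled.
    # Any other type or value is surfaced in the output for manual review.
    $result.LegacyEnabled =
        ($result.ValueKind -eq [Microsoft.Win32.RegistryValueKind]::DWord) -and
        ($result.Value -eq 1)
    return $result
}

$state = Get-DpapiLegacyCompliance
$state | Format-List
if ($state.LegacyEnabled) {
    Write-Warning "$ValueName is 1 on $($state.ComputerName): DPAPI is in the weakened Windows 2000-compatible mode."
}
```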


