Re: Getting back my encrypted directory

From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam@hydro.com)
Date: 02/19/03 

From: "Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com>
Date: Wed, 19 Feb 2003 05:40:23 +0100

Tony Triassi wrote:

> Hi guys !!! ive got a real big problem. Im using win xp and corrupt some
> files need to be loaded by him. so i try to repair... and it dosent work.
> I reinstall XP without erasing anything and it make a loop after scanning
> peripheral. I finally install WIN XP with erasing old windows option
> without erasing my precious MES DOCUMENTS. but now i have the older
> directory name but can't access it !! what i could do ? all my documents is
> stack there and cannot have access.
>
> I have no backup of those files ... but its encrypted for sure ... and it
> still on the HD .. what solution you have ?

You are *very* sure you encrypted them?

If not, you could try to take ownership...

HOW TO: Take Ownership of a File or Folder in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;308421

If you really encrypted the files, and did not export the encryption key/certs,
the files are lost.

If you start to use NTFS Encrypting File System (EFS), be sure to export the
encryption key/certs and store them in a safe place (multiple copies/multiple
media), in case your OS installation crashes and you can't get it up and running
again. Without the exported key/certs, your files will be lost forever (unless
you are in a domain).

Read and understand the information in the links below before you start using
EFS:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316

http://www.microsoft.com/windowsxp/pro/techinfo/administration/recovery/default.asp

(58 pages)

also gives information/links on to how to export keys, e.g.

"Data Recovery on Standalone Machines"

Under "Knowledge Base Articles on EFS" you will find e.g.

Q241201 How to Back Up Your Encrypting File System Private Key
Q255742 Methods for Recovering Encrypted Data Files

Reading Q255742, will give you this as well:

Q241201 HOW TO: Back Up Your Encrypting File System Private Key in Windows 2000

Q242296 How to Restore an EFS Private Key for Encrypted Data Recovery

If your computer is not a member of an AD domain, this part of the document is
obligatory reading:

"Using EFS with Standalone Machines or NT 4.0 Domains" 

--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and a ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter

Relevant Pages

  • Re: Certificates, Keys, Mobile Users, Intended Usage
    ... Option that you think about uses self signed EFS certificates. ... Better then exporting user's private key as backup is to setup DRA (Data ... there is no EFS certificate and it will generate a new one. ... Mobile computer users benefit from encrypting sensitive ...
    (microsoft.public.win2000.security)
  • Re: MS Document missing
    ... Private Key for Encrypted Data Recovery ... Encrypting File System in Windows XP and Windows Server 2003 ...
    (microsoft.public.windowsxp.security_admin)
  • Re: RA doesnt work after encrypting in XP
    ... >I am setting up a standard procedure for encrypting the data folders on ... > as deleting the RA private key using certmgr.msc. ... This works fine and I am able to decrypt them as ...
    (microsoft.public.win2000.security)
  • Re: Remote signing of large files
    ... about 'Remote signing of large files': ... the signing of this message digest. ... [Encrypting with the private key allows anyone ... of the private key, or that the private key has been compromised.] ...
    (Debian-User)
  • Re: Preserving EFS for reinstall of XP
    ... "Importing and Exporting Data Recovery Agent Keys" ... Q259732 EFS Recovery Agent Cannot Export Private Keys ... Back Up Your Encrypting File System Private Key in Windows 2000 ...
    (microsoft.public.windowsxp.security_admin)
Quantcast