Re: EFS recovery problem

From: Peter Clark (clark_at_hushmail.com)
Date: 05/02/03


Date: Thu, 1 May 2003 16:18:50 -0700


weird - remember a few weeks ago somebody posted a similar
story? i can't remember how it was resolved. changing
groups *should* _not_ affect efs.

yeah - check with efsinfo and check in your profile
folder\application data\microsoft\systemcertificates\ for a
matching filename. also check with certs in mmc.

if you're still stuck give us a yell.

>-----Original Message-----
>I am not sure at which point your EFS access was broken,
>but here are some observations.
>
>A recovery agent will only be of use if it was set up before
>the files were encrypted or last touched. Doing this after
>the fact will not assist in your current dilemma. You use
>the commandline cipher utility to generate the needed
>cert/key for the recovery agent. It is all in here
>
>http://microsoft.com/WINDOWSXP/pro/techinfo/administration/recovery
>
>Since your account is now set with the same password as before,
>and since changing the group memberships of an account should
>have no impact on the operation of EFS, we need to figure out
>what has happened to your account.
>There is a tool, efsinfo.exe, that you can use to see what thumbprint
>is associated with the encrypted files, and the account's current
>certificate. You can get this by installing the Support Tools from
>the similarly named directory of the Windows XP CD.
>You should also use the Certificates mmc console to look at the
>private certificates for EFS of the account in question - particularly
>checking to see if there is more than one.
>
>--
>Roger
>
><thiessendg@yahoo.com> wrote in message
>news:eddfcb6f.0305010521.2cb4751d@posting.google.com...
>> All,
>>
>> Please note that I have read the FAQ...
>>
>> Here is my problem, I have a Power User Account. I changed that
>> account to an Administrator. When I logged in, it forced me to change
>> the password. I simply changed it to its current password. I did my
>> thing, logged off, logged in to default admin, changed account back to
>> PU acct. Log out of Admin, log in to PU acct. and now I cannot access
>> EFS files.
>>
>> After reading/research, I log on to account and use control panel to
>> change my password, change it to the password. Still no access to EFS
>> files.
>>
>> Hmmm. Log on to admin, restore files from backup, still no access.
>>
>> Hmmm. Use MMC and try to make sure that default admin is recovery
>> agent and he is not, no one is. So I try to add Admin acct as
>> Recovery agent, but, there is no *.cer file on local machine.
>>
>> Any suggestions?
>>
>> My understanding was, since the password changed, that is what screwed
>> up the EFS. But, according to the KB article, logging in as user and
>> changing password with control panel, I should have access to my EFS
>> files back.
>>
>> I have a sinking feeling, but appreciate any suggestions...
>>
>> Dave
>.
>
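
The check both replies describe (compare the thumbprint efsinfo reports for the encrypted file with the EFS certificates in the account's personal store, and see whether there is more than one), as an added example that is not part of the original thread. It assumes a Windows system with PowerShell and its `Cert:` provider; the `-FileThumbprint` parameter name is hypothetical, and its value is whatever thumbprint efsinfo printed for the file.

```powershell
# Added example, not from the thread. Run as the account that cannot open the files.
# -FileThumbprint (hypothetical parameter name): the thumbprint efsinfo showed
# for the encrypted file, pasted in as text.
param(
    [Parameter(Mandatory = $true)]
    [string]$FileThumbprint
)

# Enhanced key usage OIDs for EFS and for EFS file recovery.
$EfsOid      = '1.3.6.1.4.1.311.10.3.4'
$RecoveryOid = '1.3.6.1.4.1.311.10.3.4.1'

# Normalise the pasted value: drop spaces or separators, upper-case the hex.
$wanted = ($FileThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

# Certificates in the user's Personal store that carry an EFS-related EKU.
$efsCerts = @(Get-ChildItem -Path Cert:\CurrentUser\My | Where-Object {
    $ekus = @($_.EnhancedKeyUsageList | ForEach-Object { $_.ObjectId })
    ($ekus -contains $EfsOid) -or ($ekus -contains $RecoveryOid)
})

if ($efsCerts.Count -eq 0) {
    Write-Warning 'No EFS certificate found in the Personal store of this account.'
    return
}

# One row per certificate, flagging the one the file was encrypted to.
$efsCerts | ForEach-Object {
    [pscustomobject]@{
        Thumbprint    = $_.Thumbprint
        Subject       = $_.Subject
        NotAfter      = $_.NotAfter
        HasPrivateKey = $_.HasPrivateKey
        MatchesFile   = ($_.Thumbprint -eq $wanted)
    }
} | Format-Table -AutoSize

$match = @($efsCerts | Where-Object { $_.Thumbprint -eq $wanted })
if ($match.Count -eq 0) {
    Write-Warning 'The file was encrypted to a certificate this account does not hold.'
} elseif (-not $match[0].HasPrivateKey) {
    Write-Warning 'Matching certificate is present but its private key is missing.'
}
if ($efsCerts.Count -gt 1) {
    Write-Warning 'More than one EFS certificate is present; check which one is current.'
}
```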


