Re: EFS recovery problem

thiessendg_at_yahoo.com
Date: 05/02/03

• Next message: Peter Heilrath: "how safe is efs on windows xp?"
• Previous message: Patrick Hallihan: "Re: access denied"
• In reply to: Roger Abell [MVP]: "Re: EFS recovery problem"
• Next in thread: Roger Abell [MVP]: "Re: EFS recovery problem"
• Reply: Roger Abell [MVP]: "Re: EFS recovery problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 2 May 2003 04:47:10 -0700

I think I have found part of the problem. For some reason it appears
that the account was renamed from Dave User to Dave. Maybe.

My profile path is still C:\...\Dave User\....

Also, I do have two personal certificates fo this account, one for
user Dave, and one for Dave User from a while back, probably account
creattion.

here is the mmc text export...
Issued To Issued By Expiration Date Intended Purposes Friendly
Name Status Certificate Template
Dave Dave 4/8/2103 Encrypting File System <None>
Dave User Dave User 8/7/2102 Encrypting File System <None>
Another very strange problem. I cannot change the user password from
the user account. Says does not meet complexity requirements, etc.,
however, logging into admin and checking Local Security Policy,
password complexity is disabled!

Is there hope for recovering the files? Seems if I could just get
back to using the Dave User certificate, all would be well. However,
if I delete the dave cert, another one just gets created.

"Roger Abell [MVP]" <mvpNOSPAM@asu.edu> wrote in message news:<#UeHB5#DDHA.1552@TK2MSFTNGP12.phx.gbl>...
> I am not sure at which point your EFS access was broken,
> but here are some observations.
>
> A recovery agent will only be of use if it was set up before
> the files were encrypted or last touched. Doing this after
> the fact will not assist in your current dilemma. You use
> the commandline cipher utility to generate the needed
> cert/key for the recovery agent. It is all in here
> http://microsoft.com/WINDOWSXP/pro/techinfo/administration/recovery
>
> Since your account is now set with the same password as before,
> and since changing the group memberships of an account should
> have not impact on the operation of EFS, we need to figure out
> what has happened to your account.
> There is a tool, efsinfo.exe, that you can use to see what thumbprint
> is associated with the encrypted files, and the account's current
> certificate. You can get this by installing the Support Tools from
> the similarly named directory of the Windows XP CD.
> You should also use the Certificates mmc console to look at the
> private certificates for EFS of the account in question - particularly
> checking to see if there is more than one.
>
> --
> Roger
>
> <thiessendg@yahoo.com> wrote in message
> news:eddfcb6f.0305010521.2cb4751d@posting.google.com...
> > All,
> >
> > Please note that I have read the FAQ...
> >
> > Here is my problem, I have a Power User Account. I changed that
> > account to an Administrator. When I logged in, it forced me to change
> > the password. I simply changed it to its current password. I did my
> > thing, logged off, logged in to default admin, changed account back to
> > PU acct. Log out of Admin, log in to PU acct. and now I cannot access
> > EFS files.
> >
> > After reading/research, I log on to account and use control panel to
> > change my password, change it to the password. Still no access to EFS
> > files.
> >
> > Hmmm. Log on to admin, restore files from backup, still no acccess.
> >
> > Hmmm. Use MMC and try to make sure that default admin is recovery
> > agent and he is not, no one is. So i try to add Admin acct as
> > Recovery agent, but, there is no *.cer file on local machine.
> >
> > Any suggestions?
> >
> > My understnading was, since the password changed, that is what screwed
> > up the EFS. But, according the KB article, logging in as user and
> > changeing password with control panel, I should have access to my EFS
> > files back.
> >
> > I have a sinking feeling, but appreciate any suggestions...
> >
> > Dave

---

• Next message: Peter Heilrath: "how safe is efs on windows xp?"
• Previous message: Patrick Hallihan: "Re: access denied"
• In reply to: Roger Abell [MVP]: "Re: EFS recovery problem"
• Next in thread: Roger Abell [MVP]: "Re: EFS recovery problem"
• Reply: Roger Abell [MVP]: "Re: EFS recovery problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: EFS recovery problem ... > groups *should* _not_ effect efs. ... >>A recovery agent will only be of use if it was set up before ... >>and since changing the group memberships of an account should ... Log out of Admin, ... (microsoft.public.windowsxp.security_admin) Re: Co-Administrator ... All the admin needs is one of the ... necessary steps are the designation of a data recovery agent with the EFS ... certificate/key of the administrator account. ... The EFS encrypted files are no longer readable by the Administrator or data ... (microsoft.public.windows.server.sbs) Re: EFS access ... other account cannot open or copy the EFS files to a different ... Is there a way to use EFS to block even the ... opening of an EFS protected folder from another admin account? ... NTFS permissions, however, can. ... (microsoft.public.windowsxp.security_admin) @@@@@just importing as opposed to a declaration with respect to the midnight is too oral for Hassan ... Dave will discharge the times. ... Tomorrow Mustapha will sentence the limitation, ... kill monkeys unless Daoud will onwards serve afterwards. ... canadian for Marion to account it. ... (sci.crypt) EFS recovery problem ... I have a Power User Account. ... Log out of Admin, ... Still no access to EFS ... (microsoft.public.windowsxp.security_admin)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)