Re: What account can decrypt the file?

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 11/06/03 

Date: Wed, 5 Nov 2003 18:33:35 -0700

I believe what efsinfo.exe is saying.
There is an account on each machine, System, that also
is known as the name of the machine with $ at the end
(this is what a domain knows it as).
However, as I recall, you did use the scheduled task trick
and from the cmd windows receive running as System (which
efsinfo say has decrypt capability - something I find wierd)
try using cipher.exe to decrypt the file (right?) and this did
not work. I am stumpted, as it seems you have an encrypted
file with no accounts allowed to decrypt (System does not
really make sense to me).
Out of curiosity, is this an En-Us English version of XP Pro? 

-- 
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCSE (W2k3,W2k,Nt4)  MCDBA
"Dmitriy Kopnichev" <kopn@hotbox.ru> wrote in message
news:%23dIFBP4oDHA.1096@TK2MSFTNGP11.phx.gbl...
> The efsinfo.exe says:
> Users who can decrypt (the file):
>   NT AUTHORITY\SYSTEM (ME$(ME$@WORKGROUP))
> What account can decrypt the file?
> "Data Recovery Agents For This File As Defined By Recovery Policy" is
> "Administrator" is written in "Encryption Details for" the file window in
> "Advanced Attributes" window.
> The only user Name in "Users Who Can Transparently Access This File" in
> "Encryption Details for" the file is "ME$(ME$@workgroup)". "ME" was my
> computer name before renaming. The renaming was made for joining the
domain.
> "Workgroup" was my workgroup name. There was not a Local user with "ME"
name
> before joining the domain.
>
>

Relevant Pages

  • Re: how to connect puters via crossover cable!?
    ... > it is a domain profile and when you moved it to a workgroup you ... your local account doesn't have the SID necessary ... >>hell I'm doing when it comes to networking, ... >>> to set up your user name for the Windows 2000 computer on the XP ...
    (microsoft.public.windowsxp.general)
  • Re: Windows 2000 on laptop changed its password
    ... Problem is when you go from a domain to a workgroup. ... account does not exist on your laptop and once you moved to a workgroup you ... Microsoft MVP - Windows NT Server ... > I was working with a laptop that had Windows 2000 preinstalled. ...
    (microsoft.public.win2000.networking)
  • Re: Installing Slave Drive
    ... In a peer level workgroup, when you try to access resources on a Windows ... account doesn't exist in it's local account database, ... "RAM" wrote: ...
    (microsoft.public.win2000.general)
  • Re: Accessing a Windows Network
    ... This is the way a Workgroup on Windows works with guest disabled (the ... have to have a user account and password Windows-Windows; ...
    (alt.os.linux.suse)
  • RE: EFS Decryption
    ... I understand that you want to decrypt the files encrypted by a deleted ... In Windows 2000 domain, when the first domain controller is set up, ... the domain administrator is the specified recovery agent for the domain. ... Login to the user's system using the domain administrator account. ...
    (microsoft.public.win2000.security)