Re: What account can decrypt the file?
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: Wed, 5 Nov 2003 18:33:35 -0700
I believe what efsinfo.exe is saying.
There is an account on each machine, System, that also
is known as the name of the machine with $ at the end
(this is what a domain knows it as).
However, as I recall, you did use the scheduled task trick
and from the cmd windows receive running as System (which
efsinfo say has decrypt capability - something I find wierd)
try using cipher.exe to decrypt the file (right?) and this did
not work. I am stumpted, as it seems you have an encrypted
file with no accounts allowed to decrypt (System does not
really make sense to me).
Out of curiosity, is this an En-Us English version of XP Pro?
-- Roger Abell Microsoft MVP (Windows Server System: Security) MCSE (W2k3,W2k,Nt4) MCDBA "Dmitriy Kopnichev" <firstname.lastname@example.org> wrote in message news:%23dIFBP4oDHA.1096@TK2MSFTNGP11.phx.gbl... > The efsinfo.exe says: > Users who can decrypt (the file): > NT AUTHORITY\SYSTEM (ME$(ME$@WORKGROUP)) > What account can decrypt the file? > "Data Recovery Agents For This File As Defined By Recovery Policy" is > "Administrator" is written in "Encryption Details for" the file window in > "Advanced Attributes" window. > The only user Name in "Users Who Can Transparently Access This File" in > "Encryption Details for" the file is "ME$(ME$@workgroup)". "ME" was my > computer name before renaming. The renaming was made for joining the domain. > "Workgroup" was my workgroup name. There was not a Local user with "ME" name > before joining the domain. > >