Re: Data Recovery Agent

From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 06/20/04


Date: Sun, 20 Jun 2004 19:27:13 +0200

Well, most of us around here answer these questions in our free time, for free,
to help out. I am sure that you could find your answer in one of those FAQs,
but it takes time, I know...

Well, you need a recovery agent. You have a few options. The first one is that
you can make your administrator a recovery agent, or you can create a new user
that will be your recovery agent.

If you want it to be the administrator, log on as administrator. Check that
the administrator has a certificate that enables EFS for him. For this
you can use IE under Tools -> Internet Options -> Content -> Certificates.
If there is a certificate Issued to: Administrator, you can export it by
clicking Export. If you have the option, select "No, do not export the private
key" and save the *.cer file on the local hard drive. Remember the path where
you saved it and close all the windows. If you don't have any certificates for
administrator, encrypt any file to create a self-signed certificate for
administrator (e.g. create an empty text file and encrypt it; you can then
delete it)...

Then open the Group Policy editor (Start -> Run -> gpedit.msc) and drill down
under Computer Configuration -> Windows Settings -> Security Settings ->
Public Key Policies -> Encryption File System -> right-click in the right pane
and select Add Recovery Agent. Select Browse (folders), look up the
administrator certificate that you exported earlier and add it...
After you have done this, close the Group Policy editor, log off as
administrator and log on with your usual account. From the command line run:
cipher /u. This will update all your encrypted files with the new data recovery
agent...

On your system, don't have any user accounts with a blank or easy-to-guess
password. This will make EFS useless. Your certificates will expire after 1
year, so you will have to issue a new one (e.g. if the administrator certificate
expires and you don't renew it, you won't be able to encrypt any files)...
Last but not least: export and make backup copies of ALL your private keys!

I hope this helps you out,

Mike

"XDA974" <XDA974@discussions.microsoft.com> wrote in message
news:FF26CE48-B543-4386-A04B-E5D6410C29EA@microsoft.com...
> No it's a home workstation. I was angry before which is why I wrote in
> Caps. I said in my original message, if whoever sees my post and sends a
> FAQ, don't do it! So what happened? This carey person sends me the lazy
> answer, FAQ! Which in turn DID NOT answer my question.
> Anyway, like I said in my message I have successfully installed my
> certificate in the personal store and it has been accepted. My problem
> now, is that I am having a difficult time on how the Data Recovery Agent
> is installed.
> --
> ENAS
>
>
> "Miha Pihler" wrote:
>
>> You could give us some more information if you want a specific answer.
>> First, quite important information: is your computer part of a domain or
>> not?
>>
>> And please don't write in all capital letters. It's not polite and it's
>> hard to read.
>>
>> Mike
>>
>> "XDA974" <XDA974@discussions.microsoft.com> wrote in message
>> news:4509A7BF-B151-4650-A00D-5492B0D7CFAB@microsoft.com...
>> >I NEED ONE SPECIFIC ANSWER NOT THOSE FAQs! THEY DO NOT ANSWER MY
>> >QUESTION ELOQUENTLY!!!!!!!!!!
>> > --
>> > ENAS
>> >
>> >
>> > "Carey Frisch [MVP]" wrote:
>> >
>> >> HOW TO: Remove File Encryption in Windows XP
>> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308993
>> >>
>> >> Methods for Recovering Encrypted Data Files
>> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;255742
>> >>
>> >> --
>> >> Carey Frisch
>> >> Microsoft MVP
>> >> Windows XP - Shell/User
>> >>
>> >> Be Smart! Protect your PC!
>> >> http://www.microsoft.com/security/protect/
>> >>
>> >> ---------------------------------------------------------------------------------------
>> >>
>> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message:
>> >> news:96B713C4-CB8B-44D4-A198-8CE403697949@microsoft.com...
>> >>
>> >> | Please provide me with a step-by-step solution not go to the FAQ and
>> >> | go take a jump in the lake! I need to know how to include the
>> >> | Recovery Agent in the slot that shows the encryption details for a
>> >> | particular file.
>> >> | For example in the upper window we see the User(s) who have
>> >> | transparent access to the file and below it shows the Data Recovery
>> >> | Agent which can recover [decrypt] that file.
>> >> | I need to know how I install this Recovery Agent. HOW IS THIS DONE?
>> >> | Step-by-step not a FAQ file that is chaotic and simply opens up
>> >> | another can of worms!
>> >> | --
>> >> | ENAS
>> >>
>> >>
>>
>>
>>
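
As an added example (not part of the original thread): a PowerShell check for the certificate points raised in the reply above, listing the EFS-capable certificates in the current user's store with their expiry and whether the private key is present. It assumes a current Windows with PowerShell 3.0 or later, which postdates the thread; `$WarnDays` is an illustrative threshold.

```powershell
# Added example: audit EFS-related certificates for the logged-on user.
# Assumption: PowerShell 3.0+ (EnhancedKeyUsageList and [pscustomobject]).
$WarnDays    = 60                           # illustrative renewal threshold
$EfsOid      = '1.3.6.1.4.1.311.10.3.4'     # EKU: Encrypting File System
$RecoveryOid = '1.3.6.1.4.1.311.10.3.4.1'   # EKU: File Recovery

$report = Get-ChildItem -Path Cert:\CurrentUser\My | ForEach-Object {
    $cert = $_
    # Collect the EKU OIDs; the list is empty for certificates without an EKU.
    $oids = @($cert.EnhancedKeyUsageList | ForEach-Object { $_.ObjectId })

    $role = $null
    if ($oids -contains $RecoveryOid) { $role = 'FileRecovery' }
    elseif ($oids -contains $EfsOid)  { $role = 'EFS' }

    if ($role) {
        $daysLeft = [int][math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)
        if     ($daysLeft -lt 0)          { $status = 'EXPIRED' }
        elseif ($daysLeft -le $WarnDays)  { $status = 'RENEW SOON' }
        else                              { $status = 'OK' }

        [pscustomobject]@{
            Role          = $role
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            NotAfter      = $cert.NotAfter
            DaysLeft      = $daysLeft
            HasPrivateKey = $cert.HasPrivateKey   # False: only the public part is here
            SelfSigned    = ($cert.Subject -eq $cert.Issuer)
            Status        = $status
        }
    }
}

if (-not $report) {
    Write-Warning 'No EFS or File Recovery certificate found in Cert:\CurrentUser\My.'
} else {
    $report | Sort-Object DaysLeft | Format-Table -AutoSize
    # A certificate without its private key in this store cannot decrypt files
    # from this account; confirm the key is backed up elsewhere.
    $report | Where-Object { -not $_.HasPrivateKey } | ForEach-Object {
        Write-Warning "No private key in store for $($_.Thumbprint)"
    }
}
```

Run it once as the recovery agent account and once as the everyday account; after a certificate is renewed, `cipher /u` (from the reply above) updates existing encrypted files.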


