Re: Data Recovery Agent

From: XDA974 (XDA974_at_discussions.microsoft.com)
Date: 06/20/04

    Date: Sun, 20 Jun 2004 14:46:01 -0700
    
    

    Mike,
    You're a scholar and a gentleman. This is what I've been wailing about from minute 1! I am going to print your suggestions out and then take them to execution. Will let you know in a day or two how it went!

    -- 
    ENAS
    "Miha Pihler" wrote:
    > Well most of us around here answer these questions on our free time for free 
    > to help out. I am sure that you could find your answer in one of those FAQs, 
    > but it takes time I know...
    > 
    > Well you need a recovery agent. You have few options. First one is you can 
    > make your administrator a recovery agent or you can create a new user that 
    > will be your recovery agent.
    > 
    > If you want it to be administrator logon as administrator. Check that 
    > administrator has a certificate that will enable him EFS function. For this 
    > you can use IE under Tools -> Internet options -> Content -> Certificates. 
    > If there is a certificate Issued to: Administrator you can export it by 
    > clicking export. If you have the option select No, do not export the private 
    > key and save the *.cer file on local hard drive. Remember the path where you 
    > saved it and close all the windows. If you don't have any certificates for 
    > administrator encrypt any file to create a self signed certificate for 
    > administrator (e.g. create an empty text file and encrypt it; you can then 
    > delete it)...
    > 
    > Then open group policy editor (start -> run -> gpedit.msc) and drill down 
    > under computer configuration -> windows settings -> security settings -> 
    > Public key Policies -> Encryption File System -> right click in right pane 
    > and select Add Recover Agent. Select Browse (folders) and look up an 
    > administrator certificate that you exported earlier and add it...
    > After you have done this close Group Policy editor and log off as 
    > administrator and logon in your usual account. From command line run: cipher 
    > /u. This will update all your encrypted files with new data recovery 
    > agent...
    > 
    > On your system don't have any user accounts with blank or easy to guess 
    > password. This will make EFS useless. Your certificates will expire after 1 
    > year so will have to issue new one (e.g. if administrator certificate 
    > expires and you won't renew it, you won't be able to encrypt any files)...
    > Last but not least. Export and make backup copies of ALL your private keys!
    > 
    > I hope this helps you out,
    > 
    > Mike
    > 
    > "XDA974" <XDA974@discussions.microsoft.com> wrote in message 
    > news:FF26CE48-B543-4386-A04B-E5D6410C29EA@microsoft.com...
    > > No it's a home workstation. I was angry before which is why I wrote in 
    > > Caps. I said in my original message, if whoever sees my post and sends a 
    > > FAQ, don't do it! So what happened? This carey person sends me the lazy 
    > > answer, FAQ! Which in turn DID NOT answer my question.
    > > Anyway, like I said in my message I have successfully installed my 
    > > certificate in the personal store and it has been accepted. My problem 
    > > now, is that I am having a difficult time on how the Data Recovery Agent 
    > > is installed.
    > > -- 
    > > ENAS
    > >
    > >
    > > "Miha Pihler" wrote:
    > >
    > >> You could give us some more information if you want specific answer. 
    > >> First
    > >> quite important information is: is your computer part of a domain or not?
    > >>
    > >> And please don't write in all capital letters. It's not polite and it's 
    > >> hard
    > >> to read.
    > >>
    > >> Mike
    > >>
    > >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message
    > >> news:4509A7BF-B151-4650-A00D-5492B0D7CFAB@microsoft.com...
    > >> >I NEED ONE SPECIFIC ANSWER NOT THOSE FAQs! THEY DO NOT ANSWER MY 
    > >> >QUESTION
    > >> >ELOQUENTLY!!!!!!!!!!
    > >> > -- 
    > >> > ENAS
    > >> >
    > >> >
    > >> > "Carey Frisch  [MVP]" wrote:
    > >> >
    > >> >> HOW TO: Remove File Encryption in Windows XP
    > >> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308993
    > >> >>
    > >> >> Methods for Recovering Encrypted Data Files
    > >> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;255742
    > >> >>
    > >> >> -- 
    > >> >> Carey Frisch
    > >> >> Microsoft MVP
    > >> >> Windows XP - Shell/User
    > >> >>
    > >> >> Be Smart!  Protect your PC!
    > >> >> http://www.microsoft.com/security/protect/
    > >> >>
    > >> >> ---------------------------------------------------------------------------------------
    > >> >>
    > >> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message:
    > >> >>  news:96B713C4-CB8B-44D4-A198-8CE403697949@microsoft.com...
    > >> >>
    > >> >> | Please provide me with a step-by-step solution not go to the FAQ and 
    > >> >> go
    > >> >> take a jump in the lake! I need to
    > >> >> know how to include the Recovery Agent in the slot that shows the
    > >> >> encryption details for a particular file.
    > >> >> | For example in the upper window we see the User(s) who have 
    > >> >> transparent
    > >> >> access to the file and below it
    > >> >> shows the Data Recovery Agent which can recover [decrypt] that file.
    > >> >> | I need to know how I install this Recovery Agent. HOW IS THIS DONE?
    > >> >> Step-by-step not a FAQ file that is
    > >> >> chaotic and simply opens up another can of worms!
    > >> >> | -- 
    > >> >> | ENAS
    > >> >>
    > >> >>
    > >>
    > >>
    > >> 
    > 
    > 
    > 
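
A check for the outcome of the procedure quoted above, as an added example that is not part of the original thread: it reads the exported `*.cer` file, reports how long the certificate has left before it expires, runs `cipher /u`, and confirms that an encrypted file now lists the recovery agent's thumbprint. Both paths are hypothetical placeholders, and it assumes a `cipher.exe` build that supports the `/c` switch (check `cipher /?`).

```powershell
# Added example. Both default paths are hypothetical placeholders; pass your own.
param(
    [string]$DraCerPath    = 'C:\Temp\administrator-dra.cer',
    [string]$EncryptedFile = "$env:USERPROFILE\Documents\secret.txt"
)

# Load the public certificate that was exported without its private key.
$cert  = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $DraCerPath
$thumb = $cert.Thumbprint.ToUpperInvariant()
$daysLeft = [int]($cert.NotAfter - (Get-Date)).TotalDays

"Recovery agent : $($cert.Subject)"
"Thumbprint     : $thumb"
"Expires        : $($cert.NotAfter) ($daysLeft days left)"
if ($daysLeft -lt 30) {
    Write-Warning 'Recovery agent certificate is close to expiry; issue a new one before it lapses.'
}

# The comparison below only means something for a file that EFS has encrypted.
$attrs = (Get-Item -LiteralPath $EncryptedFile).Attributes
if (-not ($attrs -band [IO.FileAttributes]::Encrypted)) {
    throw "$EncryptedFile is not EFS-encrypted; pick a file that is."
}

# Update existing encrypted files with the current recovery agent.
# Run this from the account that owns the files; it walks all local drives.
cipher /u | Out-Null

# cipher /c prints the certificate thumbprints recorded on the file.
# Spacing inside the thumbprint varies, so strip whitespace before comparing.
$report = (cipher /c $EncryptedFile) -join "`n"
$flat   = ($report -replace '\s', '').ToUpperInvariant()

if ($flat.Contains($thumb)) {
    "OK: $EncryptedFile lists the recovery agent certificate."
} else {
    Write-Warning "Recovery agent thumbprint not found on $EncryptedFile."
    $report   # show the raw listing so the recorded certificates can be read by eye
}
```

If the file's owner and the recovery agent are the same account using the same certificate, the match can come from the user entry rather than the recovery entry, so run the check against a file encrypted by the everyday account.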
    
