Re: Data Recovery Agent

From: XDA974 (XDA974_at_discussions.microsoft.com)
Date: 06/27/04


Date: Sat, 26 Jun 2004 22:40:01 -0700

Mike,
Hi. So far I am lucky in that a ghosted HDD I had provisionally given to a friend has saved the day, EXCEPT for a folder which I had originally fiddled with and right now I have a challenge in my hands. About 98% of my data has been recovered except for this folder.
Now, when I attempt to install a DRA I get the following error:
"The file contains no certificates suitable for EFS Recovery. Please select another file or user."
It really makes me angry that I cannot find a definitive 'manual' if you want to call it that to help me do this right. Instead I get some boorish document from these other MVPs which do nothing for my situation! OIiiiiiiiiiiiiiiiiiiiiiiiiii!!!!!!!

-- 
ENAS
"Miha Pihler" wrote:
> Thanks,
> 
> I am glad I was able to help out,
> 
> Mike
> 
> "XDA974" <XDA974@discussions.microsoft.com> wrote in message 
> news:0A3514F4-FB60-4D67-AE0D-816AE9FDE2AD@microsoft.com...
> > Mike,
> > I must tell you, I took the time to read those tedious links that MVP 
> > person sent me and as I wrote already tedious, it was painful to go 
> > through and got next to NOTHING about how it's done. Your directions 
> > appear to be superior in their guidance and I think you should be the MVP!
> > Also, the thing I was able to get out of the FAQ is that I must designate 
> > a DRA BEFOREHAND I begin encrypting docs, is this correct?
> > Also, my current user account is already an Administrator, so is it still 
> > necessary for me to log in as Administrator proper?
> > Thanks!
> > -- 
> > ENAS
> >
> >
> > "Miha Pihler" wrote:
> >
> >> Well most of us around here answer these questions on our free time for free
> >> to help out. I am sure that you could find your answer in one of those FAQs,
> >> but it takes time I know...
> >>
> >> Well you need a recovery agent. You have few options. First one is you can
> >> make your administrator a recovery agent or you can create a new user that
> >> will be your recovery agent.
> >>
> >> If you want it to be administrator logon as administrator. Check that
> >> administrator has a certificate that will enable him EFS function. For this
> >> you can use IE under Tools -> Internet options -> Content -> Certificates.
> >> If there is a certificate Issued to: Administrator you can export it by
> >> clicking export. If you have the option select No, do not export the private
> >> key and save the *.cer file on local hard drive. Remember the path where you
> >> saved it and close all the windows. If you don't have any certificates for
> >> administrator encrypt any file to create a self signed certificate for
> >> administrator (e.g. create an empty text file and encrypt it; you can then
> >> delete it)...
> >>
> >> Then open group policy editor (start -> run -> gpedit.msc) and drill down
> >> under computer configuration -> windows settings -> security settings ->
> >> Public key Policies -> Encryption File System -> right click in right pane
> >> and select Add Recover Agent. Select Browse (folders) and look up an
> >> administrator certificate that you exported earlier and add it...
> >> After you have done this close Group Policy editor and log off as
> >> administrator and logon in your usual account. From command line run: cipher
> >> /u. This will update all your encrypted files with new data recovery
> >> agent...
> >>
> >> On your system don't have any user accounts with blank or easy to guess
> >> password. This will make EFS useless. Your certificates will expire after 1
> >> year so will have to issue new one (e.g. if administrator certificate
> >> expires and you won't renew it, you won't be able to encrypt any files)...
> >> Last but not least. Export and make backup copies of ALL your private keys!
> >>
> >> I hope this helps you out,
> >>
> >> Mike
> >>
> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message
> >> news:FF26CE48-B543-4386-A04B-E5D6410C29EA@microsoft.com...
> >> > No it's a home workstation. I was angry before which is why I wrote in
> >> > Caps. I said in my original message, if whoever sees my post and sends a
> >> > FAQ, don't do it! So what happened? This carey person sends me the lazy
> >> > answer, FAQ! Which in turn DID NOT answer my question.
> >> > Anyway, like I said in my message I have successfully installed my
> >> > certificate in the personal store and it has been accepted. My problem
> >> > now, is that I am having a difficult time on how the Data Recovery Agent
> >> > is installed.
> >> > -- 
> >> > ENAS
> >> >
> >> >
> >> > "Miha Pihler" wrote:
> >> >
> >> >> You could give us some more information if you want specific answer.
> >> >> First quite important information is: is your computer part of domain or not?
> >> >>
> >> >> And please don't write in all capital letters. It's not polite and it's
> >> >> hard to read.
> >> >>
> >> >> Mike
> >> >>
> >> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message
> >> >> news:4509A7BF-B151-4650-A00D-5492B0D7CFAB@microsoft.com...
> >> >> >I NEED ONE SPECIFIC ANSWER NOT THOSE FAQs! THEY DO NOT ANSWER MY QUESTION
> >> >> >ELOQUENTLY!!!!!!!!!!
> >> >> > -- 
> >> >> > ENAS
> >> >> >
> >> >> >
> >> >> > "Carey Frisch  [MVP]" wrote:
> >> >> >
> >> >> >> HOW TO: Remove File Encryption in Windows XP
> >> >> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308993
> >> >> >>
> >> >> >> Methods for Recovering Encrypted Data Files
> >> >> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;255742
> >> >> >>
> >> >> >> -- 
> >> >> >> Carey Frisch
> >> >> >> Microsoft MVP
> >> >> >> Windows XP - Shell/User
> >> >> >>
> >> >> >> Be Smart!  Protect your PC!
> >> >> >> http://www.microsoft.com/security/protect/
> >> >> >>
> >> >> >> ---------------------------------------------------------------------------------------
> >> >> >>
> >> >> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message:
> >> >> >>  news:96B713C4-CB8B-44D4-A198-8CE403697949@microsoft.com...
> >> >> >>
> >> >> >> | Please provide me with a step-by-step solution not go to the FAQ and go
> >> >> >> | take a jump in the lake! I need to know how to include the Recovery Agent
> >> >> >> | in the slot that shows the encryption details for a particular file.
> >> >> >> | For example in the upper window we see the User(s) who have transparent
> >> >> >> | access to the file and below it shows the Data Recovery Agent which can
> >> >> >> | recover [decrypt] that file.
> >> >> >> | I need to know how I install this Recovery Agent. HOW IS THIS DONE?
> >> >> >> | Step-by-step not a FAQ file that is chaotic and simply opens up another
> >> >> >> | can of worms!
> >> >> >> | -- 
> >> >> >> | ENAS
> >> >> >>
> >> >> >>
> >> >>
> >> >>
> >> >>
> >>
> >>
> >> 
> 
> 
> 
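
The wizard message quoted at the top of this thread is what Windows shows when the chosen .cer lacks the File Recovery enhanced key usage (OID 1.3.6.1.4.1.311.10.3.4.1); an ordinary self-signed EFS user certificate carries only the Encrypting File System usage. The PowerShell below is an added example, not part of any post in the thread: it inspects an exported certificate for that usage and, if it is missing, generates a recovery certificate with `cipher /r`. The function name and the `C:\certs` paths are assumptions made for illustration.

```powershell
# Added example (hypothetical helper, not from the thread).
$FileRecoveryOid = '1.3.6.1.4.1.311.10.3.4.1'  # EKU a Data Recovery Agent cert needs
$EfsUserOid      = '1.3.6.1.4.1.311.10.3.4'    # EKU of an ordinary EFS user cert

function Test-EfsRecoveryCertificate {
    param([Parameter(Mandatory)][string]$Path)

    $full = (Resolve-Path -LiteralPath $Path).Path
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $full

    # Collect every Enhanced Key Usage OID present in the certificate.
    $ekus = @($cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $_.Value })

    [pscustomobject]@{
        Subject         = $cert.Subject
        NotAfter        = $cert.NotAfter
        Expired         = $cert.NotAfter -lt (Get-Date)
        HasFileRecovery = $ekus -contains $FileRecoveryOid  # must be True for the wizard
        HasEfsUser      = $ekus -contains $EfsUserOid
        HasPrivateKey   = $cert.HasPrivateKey               # should be False for a .cer given to policy
    }
}

$CerPath = 'C:\certs\admin.cer'   # assumed path of the certificate exported earlier
$DraBase = 'C:\certs\dra'         # assumed base name for the new recovery key pair

$result = Test-EfsRecoveryCertificate -Path $CerPath
$result | Format-List

if (-not $result.HasFileRecovery -or $result.Expired) {
    # cipher /r prompts for a password, then writes dra.cer (public certificate)
    # and dra.pfx (certificate plus private key).
    cipher.exe "/r:$DraBase"
    Test-EfsRecoveryCertificate -Path "$DraBase.cer" | Format-List
}

# After adding dra.cer under Public Key Policies in gpedit.msc, run from the
# normal user account, as described in the thread:
#   cipher /u
# It can only update files that account is still able to decrypt.
```

Add the resulting `.cer` in the policy wizard and store the `.pfx` and its password off the machine; the `.pfx` is only imported when a recovery is actually needed.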

