Re: Data Recovery Agent
From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 06/27/04
- Next message: Miha Pihler: "Re: access denied - end process"
- Previous message: Miha Pihler: "Re: PASSWORD"
- In reply to: XDA974: "Re: Data Recovery Agent"
- Next in thread: XDA974: "Re: Data Recovery Agent"
- Reply: XDA974: "Re: Data Recovery Agent"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 27 Jun 2004 09:40:19 +0200
What certificate do you use? How did you get it? What is it's extension?
*.cer?
Mike
"XDA974" <XDA974@discussions.microsoft.com> wrote in message
news:AAADF8F5-D484-4B36-95DE-A67DC31E0B04@microsoft.com...
> Mike,
> Hi. So far I am lucky in that aghosted HDD I had provisionally given to a
> friend has saved the day, EXCEPT for a folder which I had originally
> fiddled with and right now I have a challenge in my hands. About 98% of my
> data has been recovered except for this folder.
> Now, when I attempt to install a DRA I get the following error:
> "The file contains no certificates suitable for EFS Recovery. Please
> select another file or user."
> It really makes me angry that I cannot find a definitive 'manul' if you
> want to call it that to help me do this right. Instead I get some boorish
> document from these other MVPs which do nothing for my situation!
> OIiiiiiiiiiiiiiiiiiiiiiiiiii!!!!!!!
>
> --
> ENAS
>
>
> "Miha Pihler" wrote:
>
>> Thanks,
>>
>> I am glad I was able to help out,
>>
>> Mike
>>
>> "XDA974" <XDA974@discussions.microsoft.com> wrote in message
>> news:0A3514F4-FB60-4D67-AE0D-816AE9FDE2AD@microsoft.com...
>> > Mike,
>> > I must tell you, I took the time to read those tedious links that MVP
>> > person sent me and as I wrote already tedious, it was painful to go
>> > through and got next to NOTHING about how it's done. Your directions
>> > appear to be superior in their guidance and I think you should be the
>> > MVP!
>> > Also, the thing I was able to get out of the FAQ is that I must
>> > designate
>> > a DRA BEFOREHAND I begin encrypting docs, is this correct?
>> > Also, my current user account is already an Administrator, so is it
>> > still
>> > necessary for me to log in as Administrator proper?
>> > Thanks!
>> > --
>> > ENAS
>> >
>> >
>> > "Miha Pihler" wrote:
>> >
>> >> Well most of us around here answer these questions on our free time
>> >> for
>> >> free
>> >> to help out. I am sure that you could find your answer in one of those
>> >> FAQs,
>> >> but it takes time I know...
>> >>
>> >> Well you need a recovery agent. You have few options. First one is you
>> >> can
>> >> make your administrator a recovery agent or you can create a new user
>> >> that
>> >> will be your recovery agent.
>> >>
>> >> If you want it to be administrator logon as administrator. Check that
>> >> administrator has a certificate that will enable him EFS function. For
>> >> this
>> >> you can use IE under Tools -> Internet options -> Content ->
>> >> Certificates.
>> >> If there is a certificate Issued to: Administrator you can export it
>> >> by
>> >> clicking export. If you have the option select No, do not export the
>> >> private
>> >> key and save the *.cer file on local hard drive. Remember the path
>> >> where
>> >> you
>> >> saved it and close all the windows. If you don't have any certificates
>> >> for
>> >> administrator encrypt any file to create a self signed certificate for
>> >> administrator (e.g. create an empty text file and encrypt it; you can
>> >> then
>> >> delete it)...
>> >>
>> >> Then open group policy editor (start -> run -> gpedit.msc) and drill
>> >> down
>> >> under computer configuration -> windows settings -> security
>> >> settings ->
>> >> Public key Policies -> Encryption File System -> right click in right
>> >> pane
>> >> and select Add Recover Agent. Select Browse (folders) and look up an
>> >> administrator certificate that you exported earlier and add it...
>> >> After you have done this close Group Policy editor and log off as
>> >> administrator and logon in your usual account. From command line run:
>> >> cipher
>> >> /u. This will update all your encrypted files with new data recovery
>> >> agent...
>> >>
>> >> On your system don't have any user accounts with blank or easy to
>> >> guess
>> >> password. This will make EFS useless. Your certificates will expire
>> >> after
>> >> 1
>> >> year so will have to issue new one (e.g. if administrator certificate
>> >> expires and you won't renew it, you won't be able to encrypt any
>> >> files)...
>> >> Last but not least. Export and make backup copies of ALL your private
>> >> keys!
>> >>
>> >> I hope this helps you out,
>> >>
>> >> Mike
>> >>
>> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message
>> >> news:FF26CE48-B543-4386-A04B-E5D6410C29EA@microsoft.com...
>> >> > No it's a home workstation. I was angry before which is why I wrote
>> >> > in
>> >> > Caps. I said in my original message, if whoever sees my post and
>> >> > sends
>> >> > a
>> >> > FAQ, don't do it! So what happened? This carey person sends me the
>> >> > lazy
>> >> > answer, FAQ! Which in turn DID NOT answer my question.
>> >> > Anyway, like I siad in my message I have successfully installed my
>> >> > certificate in the personal store and it has been accepted. My
>> >> > problem
>> >> > now, is that I am having a difficult time on how the Data Recovery
>> >> > Agent
>> >> > is installed.
>> >> > --
>> >> > ENAS
>> >> >
>> >> >
>> >> > "Miha Pihler" wrote:
>> >> >
>> >> >> You could give us some more information if you want specific
>> >> >> answer.
>> >> >> First
>> >> >> quite important information is is you computer part of domain or
>> >> >> not?
>> >> >>
>> >> >> And please don't write in all capital letters. It's not polite and
>> >> >> it's
>> >> >> hard
>> >> >> to read.
>> >> >>
>> >> >> Mike
>> >> >>
>> >> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message
>> >> >> news:4509A7BF-B151-4650-A00D-5492B0D7CFAB@microsoft.com...
>> >> >> >I NEED ONE SPECIFIC ANSWER NOT THOSE FAQs! THEY DO NOT ANSWER MY
>> >> >> >QUESTION
>> >> >> >ELOQUENTLY!!!!!!!!!!
>> >> >> > --
>> >> >> > ENAS
>> >> >> >
>> >> >> >
>> >> >> > "Carey Frisch [MVP]" wrote:
>> >> >> >
>> >> >> >> HOW TO: Remove File Encryption in Windows XP
>> >> >> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308993
>> >> >> >>
>> >> >> >> Methods for Recovering Encrypted Data Files
>> >> >> >> http://support.microsoft.com/default.aspx?scid=kb;EN-US;255742
>> >> >> >>
>> >> >> >> --
>> >> >> >> Carey Frisch
>> >> >> >> Microsoft MVP
>> >> >> >> Windows XP - Shell/User
>> >> >> >>
>> >> >> >> Be Smart! Protect your PC!
>> >> >> >> http://www.microsoft.com/security/protect/
>> >> >> >>
>> >> >> >> ---------------------------------------------------------------------------------------
>> >> >> >>
>> >> >> >> "XDA974" <XDA974@discussions.microsoft.com> wrote in message:
>> >> >> >> news:96B713C4-CB8B-44D4-A198-8CE403697949@microsoft.com...
>> >> >> >>
>> >> >> >> | Please provide me with a step-by-step solution not go to the
>> >> >> >> FAQ
>> >> >> >> and
>> >> >> >> go
>> >> >> >> take a jump int he lake! I need to
>> >> >> >> know how to include the Recovery Agent in the slot that shows
>> >> >> >> the
>> >> >> >> encryption details for a particular file.
>> >> >> >> | For example in the upper window we see the User(s) who have
>> >> >> >> transparent
>> >> >> >> access to the file and below it
>> >> >> >> shows the Data Recovery Agent which can recover [decrypt] that
>> >> >> >> file.
>> >> >> >> | I need to know how I install this Recovery Agent. HOW IS THIS
>> >> >> >> DONE?
>> >> >> >> Step-by-step not a FAQ file that is
>> >> >> >> chaotic and simply opens up another can of worms!
>> >> >> >> | --
>> >> >> >> | ENAS
>> >> >> >>
>> >> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >>
>> >>
>> >>
>>
>>
>>
- Next message: Miha Pihler: "Re: access denied - end process"
- Previous message: Miha Pihler: "Re: PASSWORD"
- In reply to: XDA974: "Re: Data Recovery Agent"
- Next in thread: XDA974: "Re: Data Recovery Agent"
- Reply: XDA974: "Re: Data Recovery Agent"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
