Re: Recovering EFS from a Backup

From: Mike Go (MikeGo_at_discussions.microsoft.com)
Date: 01/17/05 

Date: Mon, 17 Jan 2005 12:09:02 -0800

Sorry for the delay on the response,

You asked about error messages, when I go to an encrypted file as a stand
alone user, logging into the stand alone (not connected to the domain)
machine01, I right click Properties>Advanced> UNCHECK Encrypt this file, all
goes well until I Apply then I get the "Error Applying Attributes, an error
occurred applying attributes to the file: File name, access is denied"

The thumbprints for my certificate as well as the response from EFSinfo.exe
is the same. However my thumbprint as a domain user is different.

When I run efsinfo on an encrypted file I get

Filename.txt: Encrypted
  Users who can decrypt:
    Machine01\Mike Go (Mike Go(Mike Go@SONY))

Machine01 is the local machine
Mike Go is my user name
Not sure what @SONY represents, other than an earlier existance

Also, could you expalin, MY Store? I went into the MMC, Certificates,
Personal, Certificates, and there appears two certificates, one with a
thumbnail from my previous life, and one with a thumbnail associated with my
domain existance.

These also appear in the Trusted People > Certificates. Both note that there
are private keys associated with them. Where would I located these?

Any help is appreciated.

THX!,
Mikego

"Shreeniwas Kelkar [MSFT]" wrote:

> Why do you mean by "could not decrypt". Can you be more specific and
> describe the exact steps you are trying, the error you get, etc.
>
> Also, can you see your EFS certificate in the MY store. Does is have a
> private key associated with it?
>
> --
> Shreeniwas Kelkar [MSFT]
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> "Mike Go" <MikeGo@discussions.microsoft.com> wrote in message
> news:EC1E3972-DD2A-4847-84CE-6CD05E16BE30@microsoft.com...
> > Jan,
> > I tried logging on the local account, but could not decrypt. Not sure why.
> > Mikego
> >
> > "Jan Peter Stotz" wrote:
> >
> >> Mike Go schrieb:
> >>
> >> > Stung by EFS!
> >> > Can anyone help me recover my EFS files... I was a stand alone machine
> >> > when
> >> > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then
> >> > I
> >> > joined a domain.
> >>
> >> That should not be a problem with EFS. Use your local account instead of
> >> your new domain account and everything should be fine.
> >>
> >> Jan
> >>
>
>
>

Relevant Pages

  • Re: David Cross article
    ... checkbox etc. Drag the now encrypted file to the shared folder. ... same thing happens) in the Certificates (current ... When I go back as U1 to probe the file, I find that U1 has unlimiyed access ... >> Roger Abell ...
    (microsoft.public.windowsxp.security_admin)
  • Re: EFS/DRA
    ... Associated with the user is a Cert Thumbprint. ... User Object --> Certificates. ... You are creating a profile on the remote machine, generating a new EFS certificate, and attempting to open it with that certificate. ... It is not a transfer of the encrypted file to your machine. ...
    (microsoft.public.security)
  • Re: Using EFS on a server shared drive
    ... Windows XP performs revocation checking on all certificates for other users ... I want multiple users to share an encrypted file on a File server using ...
    (microsoft.public.windows.server.active_directory)
  • using EFS & WebDAV with multiple users
    ... EFS in combination with WebDAV: ... certificates, ... they are able to access and decrypt the encrypted file ... users who are allowed to access/decrypt the file. ...
    (microsoft.public.win2000.security)
  • Re: DRA is Decrypting Files when it shouldnt be!!!
    ... (meaning an encrypted file that was encrypted before the RA was setup. ... > could access the user's EFS files before logging on as the user after ... >> RA for that file and you will see that "Administrator is the RA. ...
    (microsoft.public.windowsxp.security_admin)