Re: Problems decrypting my files.

From: Jupiter Jones [MVP] (jones_jupiter_at_hotnomail.com)
Date: 06/11/05


Date: Sat, 11 Jun 2005 13:06:15 -0600

You can not create a Recovery Agent after the fact and expect it to work.
Without the original keys, your data is as good as gone.

See the links near the bottom of this page for ways to help prevent this in
the future:
http://www3.telus.net/dandemar/encrypt.htm

-- 
Jupiter Jones  [MVP]
http://www3.telus.net/dandemar
http://www.dts-l.org
"Waddaw" <Waddaw@discussions.microsoft.com> wrote in message 
news:A7081E54-8FD5-4A75-A147-ACF62B1035EF@microsoft.com...
> Hey,
>
>    I had a bunch of my files encrypted on my computer. I then without
> thinking reinstalled windows, same version mind you, and didn't backup my
> certificates. Now I'm in a situation where I can't decrypt my files and 
> can't
> figure out how to give myself the rights without my previous account, 
> which
> doesn't exist anymore.
>
>    I've created a Recovery Agent and made sure it's trusted, but it's
> useless beings how I created it AFTER the files were encrypted and the
> account that created them was deleted.
>
> Please don't tell me I've permanently lost my files.
>
> Thanks. 


Relevant Pages

  • RE: Decrypt File
    ... "accidentally" reinstalled the machine without saving the recovery agent. ... in properties for the encrypted data re-assign the new local admin account ... Senior Consultant (Directory Services Security) ... domain controllers) reinstalls of any single domain controller. ...
    (Security-Basics)
  • Re: EFS, certificates etc
    ... I backed up system state then created a certificate ... for the Admin account, which I have designated as the data recovery agent. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: EFS, certificates etc
    ... created a certificate ... >for the Admin account, which I have designated as the ... >data recovery agent cannot. ... >>> encryption. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: How to add a domain user as a Data Recovery Agent
    ... Recovery Agent certificate and when you examined the certificate are the ... I'm trying to figure out how to add a non-privileged, domain user account ... I add the users as data recovery agents. ...
    (microsoft.public.windows.server.security)
  • Re: File Encryption Help Needed
    ... The machine's previous domain has no AD, which means NT4 server, right? ... If you have no recovery agent and no keys exported earlier, ... get back your files are logon as the old account assuming that DC is still ... > Let us be sure this is about encryption, ...
    (microsoft.public.windowsxp.security_admin)