Re: EFS, Decrypting files with the encrypt attribute not set
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 10 Mar 2006 21:56:31 -0600
You might try using the cipher command and efsinfo is helpful also in
determining what users/RA/certificates are associated with the EFS file. You
can't "double encrypt" an EFS file though users/RA can be added as users
that can decrypt the file if they have the proper certificates/EFS private
key. --- Steve
<mscotgrove@xxxxxxx> wrote in message
news:1141750635.930015.161950@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Via data recovery one can get a file that is encrypted, but the
attribute in the directory shows that it is not encrypted. The only
command I can find for setting attribute SetFileAttributes does not
allow changing of this flag.
If one creates a new file with encryption attribute, it will encrypt
the new file, ie double encryption.
I can see two options
1) Modify the MFT on the disk directly. Possible, but not a nice thing
to do.
2) Read the file, and use XP decryption routines. This would be nicest
solution, but can anyone advise me on which set of routines work with
standard encrypted files. I am assuming access to the relevant keys.
Is there a third solution? I am happy/expecting to do low level
programming to resolve the problem.
Michael
.
- References:
- EFS, Decrypting files with the encrypt attribute not set
- From: mscotgrove@xxxxxxx
- EFS, Decrypting files with the encrypt attribute not set
- Prev by Date: Re: Remove GPO setting Help!!
- Next by Date: Re: Firewall port exceptions for VPN
- Previous by thread: EFS, Decrypting files with the encrypt attribute not set
- Next by thread: Re: Re-Activation
- Index(es):
