Re: EFS Decryption Problem



Zeretul1 wrote:

I have read all the posts I can find about this, and I still think my case
needs its own entry. So here goes...

I have not changed anything on my system. I built a new computer with new
parts, and removed all but the main hard drive from the old one. The files I
have encrypted are on a second partition of the remaining drive (under d:),
and I am trying to decrypt the files using the same user that encrypted them.

I did not do a system restore, reinstall or anything else that would
invalidate anything as far as I know. The only thing that may have occurred is
a password change. Not reset, but change.

I am unable to decrypt my files, and I put my case before you. Any help will
be appreciated.

I have tried designating a recovery agent, doing an xcopy and zipping the
files to no avail. Always the "access denied" error.

I am in no way an expert on anything, but I have read and applied everything
I have found.

So, help me PLEASE!!

You put the old hard drive in the new computer. Does that mean the old
hard drive is running the old instance of Windows under which the EFS
certificate was generated? Or did you install a new instance of Windows
(in which the security ID for every account - which has nothing to do
with username - is different in the new instance than it was under the
old instance of Windows)?

If you are still running the old instance of Windows (but having to do a
repair install due to the change in hardware), read:

http://support.microsoft.com/kb/890951/en-us

However, since you are saying the *remaining* drive has your encrypted data
files then it certainly appears that you blew away the old instance of
Windows (along with the EFS certificate) and installed a new instance of
Windows. In that case, and since you never mentioned exporting the EFS
certificate to removable media so you could import it into the new
instance of Windows, you have lost access to the content of those
encrypted files. There is no backdoor to EFS.

The username is irrelevant to EFS. The same username under different
instances of Windows are *different* accounts (with the exception of
roaming profiles in a domain - but it doesn't appear you are a member of
a domain but rather just a standalone host). The username might be the
same but the SID (security ID) for each will be different and a newly
generated EFS cert for each will be different. If you did not export
the EFS certificate and save it on removable media (floppy, CD, thumb
drive) to preserve its existence after wiping away the instance of
Windows under which it was generated, or designate a recovery agent
account (on some other host or in a domain), you'll never be able to
regenerate that same EFS certificate to let you decrypt those files.

Use Start -> Help and Support to read up on EFS, especially the part
about exporting its certificate.
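
Added example, not part of the original posts: a PowerShell check of whether the certificate a file was encrypted to is present, with its private key, in the current user's profile. It assumes Windows Vista or later (where `cipher /c` exists) and English-language `cipher` output; the default file path is a hypothetical placeholder.

```powershell
# Added example. Run as the user who is getting "access denied".
# $Path is a hypothetical placeholder; point it at one of the affected files.
param([string]$Path = 'D:\Encrypted\sample.doc')

# EFS enhanced-key-usage OIDs: file encryption and file recovery (recovery agent).
$EfsOids = '1.3.6.1.4.1.311.10.3.4', '1.3.6.1.4.1.311.10.3.4.1'

function Get-EfsFileThumbprint {
    param([string[]]$CipherOutput)
    # cipher /c prints each thumbprint as space-separated hex groups;
    # normalise to the single upper-case hex string the certificate store uses.
    foreach ($line in $CipherOutput) {
        if ($line -match 'Certificate thumbprint:\s*([0-9A-Fa-f ]+)') {
            ($Matches[1] -replace '\s', '').ToUpper()
        }
    }
}

# Thumbprints of every user and recovery certificate that can decrypt the file.
$needed = @(Get-EfsFileThumbprint -CipherOutput (cipher.exe /c $Path) |
            Select-Object -Unique)
if (-not $needed) { Write-Warning "No EFS thumbprint reported for $Path"; return }

# Everything in this account's Personal store, in this instance of Windows.
$store = @(Get-ChildItem Cert:\CurrentUser\My)

foreach ($tp in $needed) {
    $cert = $store | Where-Object { $_.Thumbprint -eq $tp }
    if (-not $cert)                   { $status = 'certificate not in this profile' }
    elseif (-not $cert.HasPrivateKey) { $status = 'certificate present, private key missing' }
    else                              { $status = 'certificate and private key present' }
    [pscustomobject]@{ Source = 'file'; Thumbprint = $tp; Status = $status }
}

# For contrast: EFS certificates this profile does hold. On a fresh install these
# are newly generated and will not match the thumbprints stored in the file.
$store | Where-Object {
    $_.EnhancedKeyUsageList.ObjectId | Where-Object { $EfsOids -contains $_ }
} | ForEach-Object {
    [pscustomobject]@{ Source = 'profile'; Thumbprint = $_.Thumbprint
                       Status = "HasPrivateKey=$($_.HasPrivateKey)" }
}
```

A "file" row reporting "certificate not in this profile" is the situation the reply describes: the file was encrypted to a certificate that exists only in the old instance of Windows or in an exported backup.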