September 22nd, 2006, 00:32 AM
I'm having a problem with EFS. I inadvertently encrypted a directory under Windows 2000. I backed up the 'Documents and Settings' folders (but did not export any keys) before reformatting the hard drive, and was left with quite a number of encryption keys in various locations. I've now switched to XP, and am unable to decrypt the encrypted files (which are still on another drive - I've not been able to move them). Advanced EFS Recovery doesn't do the trick, and I've tried moving the old key files to the XP locations where I presume they should be, but again without success. Is there any way around this problem?
Many thanks for any advice.
September 22nd, 2006, 01:07 AM
Old and Cranky
September 22nd, 2006, 01:47 AM
Sounds like your data is dust. But others have fought the battle that is now upon you:
You could try getting the data off the drive you reformatted. With the keys you could then access your content (but you'll need to find that data on the formatted drive which might be difficult if not impossible depending on how you formatted)
September 22nd, 2006, 03:48 AM
Succeded in braking Windo
I don't remember quite well, but it would be easier if the computer was part of a domain since a domain has a "master" certificate for the administrator.
I have not read the article that boogs posted, and I am not sure about this, but if it was myself I would try a couple of things.
1) try to imitate the master example from domain. Login as administrator (you have to have a password set on the administrator account, if your password is blank, you have to login in safe mode, and then change the password. DONOT CHANGE THE PASSWORD BY RESETING IT!!). As the administrator I would look into assigning a new certificate, or changing ownership of the files.
2) I would try to join the computer to a domain, and again use the domain recovery certificate. I am not sure if this actually works with local accounts, but it is worth a try.
I have not really used efs much since the users in my network are "complicated" so I would have locked files, corrupted or heaches wayy too ofteeennn.
Just as an example, I am currently fighting a losing battle of explaining why the antivirus blocks multiple file extensions in emails. Aparently some higher up, thought it was a good idea to save files like 9.06.2006.whatever.doc and spread the word. Now I have about 1500 files in the server that cannot be emailed until renamed