We had a lightning strike on our net, and some machines
were replaced. A valid data recovery agent created under
the new instance of XP PRO cannot decrypt files that have
been simply copied back to the local machines from their
original hard drives where they were encrypted under a
previous instance of XP PRO. Can anyone help with this,
or has this data been lost?

Thanks for thinking....

This is by design. The recovery agent created under the new instance of XP
does not have the required keys to decrypt data encrypted under the previous
instance of XP. If that were possible, anybody could steal your encrypted
data and simply decrypt it on their own machine with their recovery agent.
I've heard of tools that will allow you to decrypt some or all of the data,
but I haven't tried them myself. Perhaps someone else here will have more
info on that, but try searching the web a bit.

-BR


"Dave" > wrote in message
...
> We had a lightning strike on our net, and some machines
> were replaced. A valid data recovery agent created under
> the new instance of XP PRO cannot decrypt files that have
> been simply copied back to the local machines from their
> original hard drives where they were encrypted under a
> previous instance of XP PRO. Can anyone help with this,
> or has this data been lost?
>
> Thanks for thinking....

What do you mean by copied back ?
The systems were restored from backups of the old
system - no, you copied fromthe old hard drives.
The certificates and keys from the old system were
copied to the new - using the correct methods to
import them into the new DRA ?

If all you have is the files from the old system, and
you do not have the previously exported cert/key for
the DRA or the encrypting accounts (of the old system)
then you are close to toasted.
If you have the complete account profiles from the old
system then you have a chance. You can either contact
MS for paid support, or you can follow instructions at
http://www.beginningtoseethelight.org/efsrecovery/index.php

--
Roger Abell
MS MVP (Windows, Security)
MCDBA MCSE W2k+NT4

"Dave" > wrote in message
...
> We had a lightning strike on our net, and some machines
> were replaced. A valid data recovery agent created under
> the new instance of XP PRO cannot decrypt files that have
> been simply copied back to the local machines from their
> original hard drives where they were encrypted under a
> previous instance of XP PRO. Can anyone help with this,
> or has this data been lost?
>
> Thanks for thinking....

Dave;
Are you sure it is not an Ownership issue:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q308421&

If the files are encrypted.
If you did not back-up the encryption key or the Recovery Agent and
are not on a domain, the files are as good as gone.
This must be accomplished while you have access to the files.

If you can restore the original profile (not recreate) you may be able
to recover the data.
Recreating profiles and passwords is irrelevant.
Contact Microsoft if you can restore the profile.
Or:
http://www.beginningtoseethelight.org/efsrecovery/index.php

EFS is very good at what it does and there is no back door.
Read and understand these links before using EFS to keep from
permanently losing your data:
http://www.microsoft.com/windowsxp/pro/techinfo/administration/recovery/default.asp
(58 pages)
http://support.microsoft.com/?id=223316

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
Please respond to newsgroup only for everyone's benefit.


"Dave" > wrote in message
...
> We had a lightning strike on our net, and some machines
> were replaced. A valid data recovery agent created under
> the new instance of XP PRO cannot decrypt files that have
> been simply copied back to the local machines from their
> original hard drives where they were encrypted under a
> previous instance of XP PRO. Can anyone help with this,
> or has this data been lost?
>
> Thanks for thinking....