I encrytped some files on a secondary hard drive. I then
formatted my C drive and re-installed windows XP Pro. I
can't decrypt these files! I've tried importing
certificates using mmc, removing the encrypting file
system policy, and when I tried to add a recovery agent
using win explorer, I get an error message "error adding
new user(s). Error code 5". I have also tried cipher
with the /u /n parameters to no avail. Any suggestions?

You can only add user when you can access files. Cipher /u /n will use the
new keys only when you can access the files with old keys. Recovery agent
will be useful only for the files encrypted when the policy is in effect.
You can't force recovery agent to a file which you can't access. Do these
make sense? If not, then no one will use EFS. You can get the file without
the old key. Who will use the EFS?

If your profile is on C and you formatted it without backing up your EFS
cert + keys, I feel sorry that your EFS files are gone. I strongly recommend
you backup your EFS cert+keys before using EFS on your important files.

Thanks,

Robert Gu

--
This posting is provided "AS IS" with no warranties, and
confers no rights.

"Garry Garner" > wrote in message
...
> I encrytped some files on a secondary hard drive. I then
> formatted my C drive and re-installed windows XP Pro. I
> can't decrypt these files! I've tried importing
> certificates using mmc, removing the encrypting file
> system policy, and when I tried to add a recovery agent
> using win explorer, I get an error message "error adding
> new user(s). Error code 5". I have also tried cipher
> with the /u /n parameters to no avail. Any suggestions?

may help:
http://www.beginningtoseethelight.org/efsrecovery/


>-----Original Message-----
>You can only add user when you can access files. Cipher /u
/n will use the
>new keys only when you can access the files with old keys.
Recovery agent
>will be useful only for the files encrypted when the
policy is in effect.
>You can't force recovery agent to a file which you can't
access. Do these
>make sense? If not, then no one will use EFS. You can get
the file without
>the old key. Who will use the EFS?
>
>If your profile is on C and you formatted it without
backing up your EFS
>cert + keys, I feel sorry that your EFS files are gone. I
strongly recommend
>you backup your EFS cert+keys before using EFS on your
important files.
>
>Thanks,
>
>Robert Gu
>
>--
>This posting is provided "AS IS" with no warranties, and
>confers no rights.
>
>"Garry Garner" > wrote in message
...
>> I encrytped some files on a secondary hard drive. I then
>> formatted my C drive and re-installed windows XP Pro. I
>> can't decrypt these files! I've tried importing
>> certificates using mmc, removing the encrypting file
>> system policy, and when I tried to add a recovery agent
>> using win explorer, I get an error message "error adding
>> new user(s). Error code 5". I have also tried cipher
>> with the /u /n parameters to no avail. Any suggestions?
>
>
>.
>

Peter;
Only if the ORIGINAL profile can be restored (NOT recreated)

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
Please respond to newsgroup only for everyone's benefit.


"Peter Clark" > wrote in message
...
> may help:
> http://www.beginningtoseethelight.org/efsrecovery/
>
>
> >-----Original Message-----
> >You can only add user when you can access files. Cipher /u
> /n will use the
> >new keys only when you can access the files with old keys.
> Recovery agent
> >will be useful only for the files encrypted when the
> policy is in effect.
> >You can't force recovery agent to a file which you can't
> access. Do these
> >make sense? If not, then no one will use EFS. You can get
> the file without
> >the old key. Who will use the EFS?
> >
> >If your profile is on C and you formatted it without
> backing up your EFS
> >cert + keys, I feel sorry that your EFS files are gone. I
> strongly recommend
> >you backup your EFS cert+keys before using EFS on your
> important files.
> >
> >Thanks,
> >
> >Robert Gu
> >
> >--
> >This posting is provided "AS IS" with no warranties, and
> >confers no rights.
> >
> >"Garry Garner" > wrote in message
> ...
> >> I encrytped some files on a secondary hard drive. I then
> >> formatted my C drive and re-installed windows XP Pro. I
> >> can't decrypt these files! I've tried importing
> >> certificates using mmc, removing the encrypting file
> >> system policy, and when I tried to add a recovery agent
> >> using win explorer, I get an error message "error adding
> >> new user(s). Error code 5". I have also tried cipher
> >> with the /u /n parameters to no avail. Any suggestions?
> >
> >
> >.
> >

Garry;
Are you sure it is not an Ownership issue:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q308421&

If the files are encrypted.
If you did not back-up the encryption key or the Recovery Agent and
are not on a domain, the files are as good as gone.
This must be accomplished while you have access to the files.
If you have not already done so, it is now to late.

If you can restore the original profile (not recreate) you may be able
to recover the data.
Recreating profiles and passwords is irrelevant.
Contact Microsoft if you can restore the profile.
Or:
http://www.beginningtoseethelight.org/efsrecovery/index.php

EFS is very good at what it does and there is no back door.
Read and understand these links before using EFS to keep from
permanently losing your data:
http://www.microsoft.com/windowsxp/pro/techinfo/administration/recovery/default.asp
(58 pages)
http://support.microsoft.com/?id=223316

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
Please respond to newsgroup only for everyone's benefit.


"Garry Garner" > wrote in message
...
> I encrytped some files on a secondary hard drive. I then
> formatted my C drive and re-installed windows XP Pro. I
> can't decrypt these files! I've tried importing
> certificates using mmc, removing the encrypting file
> system policy, and when I tried to add a recovery agent
> using win explorer, I get an error message "error adding
> new user(s). Error code 5". I have also tried cipher
> with the /u /n parameters to no avail. Any suggestions?

yes i know :-) but the other day i help somebody recover
after they had reinstalled over the top by searching the
disk for the two key files, they had not been overwritten
and we found them and recovered the data.


>-----Original Message-----
>Peter;
>Only if the ORIGINAL profile can be restored (NOT recreated)
>
>--
>Jupiter Jones [MVP]
>An easier way to read newsgroup messages:
>http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
>Please respond to newsgroup only for everyone's benefit.
>
>
>"Peter Clark" > wrote in message
...
>> may help:
>> http://www.beginningtoseethelight.org/efsrecovery/
>>
>>
>> >-----Original Message-----
>> >You can only add user when you can access files. Cipher /u
>> /n will use the
>> >new keys only when you can access the files with old keys.
>> Recovery agent
>> >will be useful only for the files encrypted when the
>> policy is in effect.
>> >You can't force recovery agent to a file which you can't
>> access. Do these
>> >make sense? If not, then no one will use EFS. You can get
>> the file without
>> >the old key. Who will use the EFS?
>> >
>> >If your profile is on C and you formatted it without
>> backing up your EFS
>> >cert + keys, I feel sorry that your EFS files are gone. I
>> strongly recommend
>> >you backup your EFS cert+keys before using EFS on your
>> important files.
>> >
>> >Thanks,
>> >
>> >Robert Gu
>> >
>> >--
>> >This posting is provided "AS IS" with no warranties, and
>> >confers no rights.
>> >
>> >"Garry Garner" > wrote in message
>> ...
>> >> I encrytped some files on a secondary hard drive. I then
>> >> formatted my C drive and re-installed windows XP Pro. I
>> >> can't decrypt these files! I've tried importing
>> >> certificates using mmc, removing the encrypting file
>> >> system policy, and when I tried to add a recovery agent
>> >> using win explorer, I get an error message "error adding
>> >> new user(s). Error code 5". I have also tried cipher
>> >> with the /u /n parameters to no avail. Any suggestions?
>> >
>> >
>> >.
>> >
>
>
>.
>