|
| If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|||||||
|
|
Thread Tools | Display Modes |
|
#1
December 1st 09, 03:05 PM
posted to microsoft.public.windowsxp.security_admin
|
|||
|
|||
Encrypted Files
Hello-
I have a windows XP laptop that is part of a windows domain. The user encrypted some important files on a d:\subfolder. Windows started to act weird and windows was reinstalled. All the files on D drive are intact but the user is unable to access them and gets a access denied error. We have an enterprise CA in our domain as well. I was wondering if it's possible to recover those files.I tried third party utilities with no luck. Any help will be much appreciated. Thanks, 
|
| Ads |
|
#2
December 1st 09, 03:14 PM
posted to microsoft.public.windowsxp.security_admin
|
|||
|
|||
|
Encrypted Files
JJ wrote:
Hello- I have a windows XP laptop that is part of a windows domain. The user encrypted some important files on a d:\subfolder. Windows started to act weird and windows was reinstalled. All the files on D drive are intact but the user is unable to access them and gets a access denied error. We have an enterprise CA in our domain as well. I was wondering if it's possible to recover those files.I tried third party utilities with no luck. Any help will be much appreciated. The domain administrator should be the recovery agent for the files, have him recover the files. John
|
|
#3
December 1st 09, 03:15 PM
posted to microsoft.public.windowsxp.security_admin
|
|||
|
|||
|
Encrypted Files
JJ wrote:
I have a windows XP laptop that is part of a windows domain. The user encrypted some important files on a d:\subfolder. Windows started to act weird and windows was reinstalled. All the files on D drive are intact but the user is unable to access them and gets a access denied error. We have an enterprise CA in our domain as well. I was wondering if it's possible to recover those files.I tried third party utilities with no luck. Any help will be much appreciated. In what way does the user logon to the laptop (local account or domain account?) Were best practices for EFS followed? Best practices for the Encrypting File System http://support.microsoft.com/kb/223316 - Were the certificates and private keys exported to removable media before the incident where the system was rebuilt? - Were recovery agents created / utilized? Although there is much discussion about this - in general - if the best practices are not followed and access to the encrypted files are ever lost (with no hope of reverting to a previous state/image) - then the data contained within the encrypted files is practically gone. ( I say practically - because if you have a couple of lifetimes - anything is possible. ;-) ) Wouldn't be much of a protection scheme if there was some easy back door anyone could use to get in, would it? -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html
|
|
#4
December 1st 09, 04:10 PM
posted to microsoft.public.windowsxp.security_admin
|
|||
|
|||
|
Encrypted Files
no best practices were followed. I was reading a article and it mentioned
that the administrator account is the default recovery agent in a domain. Would this help me in any way? BTW- No keys were exported. Thanks, "Shenan Stanley" wrote in message ... JJ wrote: I have a windows XP laptop that is part of a windows domain. The user encrypted some important files on a d:\subfolder. Windows started to act weird and windows was reinstalled. All the files on D drive are intact but the user is unable to access them and gets a access denied error. We have an enterprise CA in our domain as well. I was wondering if it's possible to recover those files.I tried third party utilities with no luck. Any help will be much appreciated. In what way does the user logon to the laptop (local account or domain account?) Were best practices for EFS followed? Best practices for the Encrypting File System http://support.microsoft.com/kb/223316 - Were the certificates and private keys exported to removable media before the incident where the system was rebuilt? - Were recovery agents created / utilized? Although there is much discussion about this - in general - if the best practices are not followed and access to the encrypted files are ever lost (with no hope of reverting to a previous state/image) - then the data contained within the encrypted files is practically gone. ( I say practically - because if you have a couple of lifetimes - anything is possible. ;-) ) Wouldn't be much of a protection scheme if there was some easy back door anyone could use to get in, would it? -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
