efs again... general question

[Guest]

I have a general question concerning efs in win xp pro sp2. When are the both
the certificates build: Is it during the first file you encrypt? I need some
files to be decrypt and the only backup of the whole C-drive is from the
period that efs was not used on the machine...

Any suggestions? please help... thank you!!!

Robbert

 

[Steven L Umbach]

In XP Pro by default only one EFS certificate/private key will be generated
for the user when they first encrypt a file. XP Pro will not generate a
Recovery Agent certificate/private key by default. If you could explain your
question in more detail someone may be able to help or provide more
information. With EFS if you have EFS encrypted files and you do not have
the EFS private key that belonged to the EFS certificate that encrypted the
files you can NOT decrypt them. The EFS private key would be in the user's
profile at a point in time after he started encrypting files with EFS. There
could be an exception if a Certificate Authority was used on the network and
the user had earlier requested an EFS certificate/private key but that is
usually not the case and you could find that info on the CA that issued the
certificate. Also if using a Recovery Agent at the domain level then files
could possibly be recovered with the RA if it was in effect before the user
started using EFS. The utility efsinfo can give you a lot of details about
and EFS file such as who can decrypt it and the RA if any. --- Steve

http://www.microsoft.com/technet/pr...Ref/dd2b3fcd-7b86-4df0-9952-cffa2f03d662.mspx
--- efsinfo

 

[Guest]

Hi Steve,

I already tried the efsinfo-util, but all is in vain... I have to file this
problem in the "live and learn"-section...

Aka: As you wrote your answer, it is no need to explain the question more in
detail.

Thanks anyway for your help...

Greetzzz,

Robbert


"Steven L Umbach" schreef: