EFS Recovery Agent and Reseal

  • Thread starter Thread starter Mike Piotrowski
  • Start date Start date
M

Mike Piotrowski

Anyone had any luck creating an EFS Recovery Agent that survives the
fbreseal? I've tried various combinations of (1) create recovery cert
(cipher /r), (2) import into user cert store, (3) export that user's certs,
(4) reseal. If I then encrypt files after (4) I cannot seem to recover them
with my recovery agent.
 
Anyone had any luck creating an EFS Recovery Agent that survives the
fbreseal? I've tried various combinations of (1) create recovery cert
(cipher /r), (2) import into user cert store, (3) export that user's
certs, (4) reseal. If I then encrypt files after (4) I cannot seem to
recover them with my recovery agent.
Click to expand...

Without some in depth checking, I don't have a good answer, but my
educated guess would be that the reseal process is causing the user cert
for EFS to be regenerated. The pre-reseal exported certs would then be
invalid - you'd need to export them after the reseal.
 
Back
Top