EFS recovery problem

S

Sergiy Oliynyk

Have serious trouble with decryption of user files on notebook.
OS is Windows XP sp1 and host is in Domain (Windows 2000 Server).
Once client notebook was reinstalled, so all private keys were lost... there
no backup.

Standart "Administrator" account is designated as default recovery agent for
domain, and i see him as RA in encrypted file properties. That's all fine
except a fact that "Administrator" was deleted from AD...
I made new account "RecoveryAdmin" with domain administrator privileges, and
designated it as RA for default domain policy. As a result - all new files
are encrypted with "RecoveryAdmin" as RA in their properties. But not old
ones!!!

Is there a way to assign new RA for old files?

Thank You!
 
S

Sergiy Oliynyk

Thank you, David!
That helped!

David Cross said:
The new RA will only be updated on files once those files, have been opened,
modified or touched by a script to apply the new DRA cert to them. you
should run cupher.exe /u to update all files to the new DRA.

http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx


--


David B. Cross [MS]

--
This posting is provided "AS IS" with no warranties, and confers no rights.

http://support.microsoft.com

Sergiy Oliynyk said:
Have serious trouble with decryption of user files on notebook.
OS is Windows XP sp1 and host is in Domain (Windows 2000 Server).
Once client notebook was reinstalled, so all private keys were lost... there
no backup.

Standart "Administrator" account is designated as default recovery agent for
domain, and i see him as RA in encrypted file properties. That's all fine
except a fact that "Administrator" was deleted from AD...
I made new account "RecoveryAdmin" with domain administrator privileges, and
designated it as RA for default domain policy. As a result - all new files
are encrypted with "RecoveryAdmin" as RA in their properties. But not old
ones!!!

Is there a way to assign new RA for old files?

Thank You!
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

EFS Recovery Agent 8
EFS recovery agent 1
RA doesn't work after encrypting in XP 10
EFS recovery agents 3
EFS - setting up Recovery Agent 4
EFS activation 5
Cannot get EFS recovery agent function to work! 6
CA deleted - Can't decrypt files 3

Top