Newbee EFS can't decrypt

M

Mike Wegner

OK, I have a test folder that I decrypted about a year ago and suddenly I
can't access any of the files in it. Sure enough I can't decrypt it either.
I never made a recovery key using cypher, however after running efsinfo I
get:

C:\>EFSINFO /R /U /C dir h:\lanosrep
h:\
lanosrep: Encrypted
Users who can decrypt:
MY_DOMAIN\stanss [CN="Smith, Stan"]
Certificate thumbprint: 9CDE D879 78AB B60B 99B9 8B41 FE44 B78B AFBC
6AA0
Recovery Agents:
MY_DOMAIN\Administrator [OU=EFS File Encryption Certificate, L=EFS,
CN=Admin
istrator]
Certificate thumbprint: DE87 6F62 7BAA A9DC D597 FAB9 5D9F 259E E488
FE9A

From that info I think I should be able to decrppt since I am "Stan Smith"
and I also am the domain administrator. I have logged onto both the local
machine and the server with both accounts but am not able to decrypt. Can I
save myself here, or am I screwed?
 
M

Mike Wegner

correction: the first sentence should read

OK, I have a test folder that I ENcrypted about a year ago.......
 
S

Steven Umbach

If you reinstalled the operating system then you may not be able to recover
those files even though your user account is the same name. Windows 2000 also
has a recovery agent for EFS decryption as shown in the Efsinfo report which
would be the built in administrator on a stand alone computer, so you may want
to try logging in with that account to try to decrypt files. You could also try
to see if the thumbprints match on the certificates by viewing your certificate
by running mmc in the run box and adding the certificate snapin for user where
you can view thumbprint info on the details page, or course the matching EFS
private key used for decryption would still need to be on your computer which it
should be unless you deliberately tried to export and delete it. See the links
below for more information on EFS. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;255742
http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
 
D

Drew Cooper [MSFT]

Aren't you the same guy who asked about this on
microsoft.public.windows.server.security?
--
Drew Cooper [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.


Mike Wegner said:
correction: the first sentence should read

OK, I have a test folder that I ENcrypted about a year ago.......

Mike Wegner said:
OK, I have a test folder that I decrypted about a year ago and suddenly I
can't access any of the files in it. Sure enough I can't decrypt it either.
I never made a recovery key using cypher, however after running efsinfo I
get:

C:\>EFSINFO /R /U /C dir h:\lanosrep
h:\
lanosrep: Encrypted
Users who can decrypt:
MY_DOMAIN\stanss [CN="Smith, Stan"]
Certificate thumbprint: 9CDE D879 78AB B60B 99B9 8B41 FE44 B78B AFBC
6AA0
Recovery Agents:
MY_DOMAIN\Administrator [OU=EFS File Encryption Certificate, L=EFS,
CN=Admin
istrator]
Certificate thumbprint: DE87 6F62 7BAA A9DC D597 FAB9 5D9F 259E E488
FE9A

From that info I think I should be able to decrppt since I am "Stan Smith"
and I also am the domain administrator. I have logged onto both the local
machine and the server with both accounts but am not able to decrypt.
Click to expand...
Can
I
save myself here, or am I screwed?
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

EFS can't decrypt 5
EFS: decrypt files after lost pub/priv keys - possible? 6
Cant decrypt w/admin acct 4

Top