recovery agent EFS expire

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

i have a win 2000 domain network.Problem is that EFS stop to work.I looked at
certificates from security (domain) and recovery agent certificate
(administrator) expired.I have created a new one with cipher command (with /r
switch) and added in Security Settings/Public Key Policies/Encripted File
System.Now here I have two certificates - one for administrator (recovery
agent) which is expire and the other is new one which i have created. Anyway
my workstation cannot work with EFS. Should I remove the old certificate from
Encrypting File System?
 
Yes, remove the expired recovery certificate. EFS will not work as long as
an expired certificate is installed in policy--even if a good certificate is
also installed.

Thanks.
Pat
 
I have encrypted file in Windows 2000. I had to reinstall My Windows.
Reformatted the drive NTFS and I install Windows XP Pro. Now I cannot access
these files (encrypted file) in My Drive, which are stored in a separate
partition. How can I open Files Encrypted in My system.
Fatemeh
 
Your EFS certificate and private key were stored in your profile on your
Windows 2000 installation. If you've formated that drive, that information
is lost (unless you had made a backup of the certificate and key?). If your
machine was joined to a domain, your administrator may have an EFS recovery
policy in place and can decrypt the files for you; otherwise, there's no way
to recover them without the original certificate and key. I hope that's not
the case. (If you use EFS going forward, run "cipher /x" in Windows XP SP2
to back up your certificate and key.)

Thanks.
Pat
 
Back
Top