Restoring Encrypted Files

[Brandon S.]

If I encrypt files on an XP Pro client and backup those files using NT
backup . . . . would those files restore correctly to a different machine?
It would stand to reason that they would not since encrypted files (EFS) can
only be read by the machine they're encrypted on, but if they can't be
restored to a different machine, that seems like a problem.

 

[Andre Da Costa]

You could try taking ownership of the files.

http://support.microsoft.com/default.aspx?scid=kb;en-us;308421&sd=tech

Andre

 

[Brandon S.]

Thanks. I guess I'm not just looking for what MIGHT work. I'm trying to
find out what Microsoft's recommended method is of restoring EFS files to
another computer (best practice), but I haven't discovered it yet.

 

[Guest]

You export the certificate (which you've hopefully done
for backup purposes anyway) and import it on the new
machine.

 

[Rick \Nutcase\ Rogers]

Hi,

To get at encrypted files, you must have either the encryption certificate
exported from, or a recovery agent made on, the installation that encrypted
the files. Without one of these, there is no chance of recovery. There is no
back door here.

Best practices for the Encrypting File System
http://support.microsoft.com/?kbid=223316

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org

 

[Alex Nichol]

If I encrypt files on an XP Pro client and backup those files using NT
backup . . . . would those files restore correctly to a different machine?
It would stand to reason that they would not since encrypted files (EFS) can
only be read by the machine they're encrypted on, but if they can't be
restored to a different machine, that seems like a problem.

If you encrypt you *MUST* export the certificates to media off the
machine, so you could restore them. Without them the data is
irrecoverable. I don't think a lot of the system, while it is only too
easy to lose the data this way, the files are fully transparent once the
owner logs in, so they are in normal practice no more secure than his
logon password - usually not very, if at all

 

[Alex Nichol]

You could try taking ownership of the files.

http://support.microsoft.com/default.aspx?scid=kb;en-us;308421&sd=tech

If you are unaware what the encryption system is about please DO NOT
post about it

 

[Guest]

Alex:

Being new to this, I did not know that there was a certificate tied to my
encrypted files. I backed up all of my c drive though that had everything on
it. Can I find my certificate in my back up to get back my encrypted files?

Ok, now that I have asked the questions, I guess I should explain what I
did: I encrypted some files. I then backed up the whole hard disk including
the operating system, the encrypted files and everything else. Then I
formatted my hard drive and re-installed windows xp. Now I have restored by
encrypted files, and of course, since I did not know about the key, cannot
see them or use them.

Thanks for the help.

Robs
(e-mail address removed)

 

[Rick \Nutcase\ Rogers]

Hi Robs,

You would need to run that OS installation to recover the encryption
certificates in most instances. You may be able to find someone knowledgable
enough to extract the certificate from the backup via the user hive, but
expect to pay for it.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org

 

[Ron Bogart]

In

Alex:

Being new to this, I did not know that there was a certificate tied
to my encrypted files. I backed up all of my c drive though that had
everything on it. Can I find my certificate in my back up to get
back my encrypted files?

Ok, now that I have asked the questions, I guess I should explain
what I
did: I encrypted some files. I then backed up the whole hard disk
including the operating system, the encrypted files and everything
else. Then I formatted my hard drive and re-installed windows xp.
Now I have restored by encrypted files, and of course, since I did
not know about the key, cannot see them or use them.

Thanks for the help.

Robs
(e-mail address removed)

When you did your backup, what *type* of backup did you do? Was this an
image type backup (Ghost, DriveImage) that can restore you to a working
desktop or just a backup of all the files you could access? Should it be an
imaging type backup, you could restore to a working system and *then* export
your encryption key.

--
Ron Bogart {} ô¿ô¬
Associate Expert
Expert Zone -
Lovin life on Mercer Island 8^)
"Life is what happens while we are making other plans."
http://www.microsoft.com/windowsxp/expertzone/meetexperts/nichol.mspx
In memory of a true friend, MVP Alex Nichol (1935-2005)

 

[NobodyMan]

This is precisely why I think it was a big mistake to make encryption
possible by default. Too many home users use it without knowing how
or why it works, including the necessary knowledge of exporting the
certificates for safe keeping.

What state secrets does MS think the average home user is storing on
their computer, anyway?