Recovering EFS from a Backup

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Stung by EFS!
Can anyone help me recover my EFS files... I was a stand alone machine when
I encrypted, I didn't create a recovery agent (bad, bad, bad) and then I
joined a domain. Now I can't get to my EFS files. I did create a full system
backup (Not an ASR) prior to joining the domain. Can I roll back and
unencrypt, then rejoin my domain?

Thank you for your help in advance.

Mikego
7 answers Last reply
More about recovering backup
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Or is there an easier way? Like .cer file?

    Thanks,
    Mikego

    "Mike Go" wrote:

    > Stung by EFS!
    > Can anyone help me recover my EFS files... I was a stand alone machine when
    > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then I
    > joined a domain. Now I can't get to my EFS files. I did create a full system
    > backup (Not an ASR) prior to joining the domain. Can I roll back and
    > unencrypt, then rejoin my domain?
    >
    > Thank you for your help in advance.
    >
    > Mikego
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    You should log on to the account that originally encrypted the files. You
    should be able to decrypt the files.

    While you are at it, also consider backing up your EFS certificate and keys.
    You can then import them for data recovery should a need arise in future.

    --
    Shreeniwas Kelkar [MSFT]

    This posting is provided "AS IS" with no warranties, and confers no rights.


    "Mike Go" <MikeGo@discussions.microsoft.com> wrote in message
    news:6EC833D6-4D76-4249-9B73-AB5BCF03548A@microsoft.com...
    > Stung by EFS!
    > Can anyone help me recover my EFS files... I was a stand alone machine
    > when
    > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then I
    > joined a domain. Now I can't get to my EFS files. I did create a full
    > system
    > backup (Not an ASR) prior to joining the domain. Can I roll back and
    > unencrypt, then rejoin my domain?
    >
    > Thank you for your help in advance.
    >
    > Mikego
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Mike Go schrieb:

    > Stung by EFS!
    > Can anyone help me recover my EFS files... I was a stand alone machine when
    > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then I
    > joined a domain.

    That should not be a problem with EFS. Use your local account instead of
    your new domain account and everything should be fine.

    Jan
  4. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Jan,
    I tried logging on the local account, but could not decrypt. Not sure why.
    Mikego

    "Jan Peter Stotz" wrote:

    > Mike Go schrieb:
    >
    > > Stung by EFS!
    > > Can anyone help me recover my EFS files... I was a stand alone machine when
    > > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then I
    > > joined a domain.
    >
    > That should not be a problem with EFS. Use your local account instead of
    > your new domain account and everything should be fine.
    >
    > Jan
    >
  5. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Why do you mean by "could not decrypt". Can you be more specific and
    describe the exact steps you are trying, the error you get, etc.

    Also, can you see your EFS certificate in the MY store. Does is have a
    private key associated with it?

    --
    Shreeniwas Kelkar [MSFT]

    This posting is provided "AS IS" with no warranties, and confers no rights.


    "Mike Go" <MikeGo@discussions.microsoft.com> wrote in message
    news:EC1E3972-DD2A-4847-84CE-6CD05E16BE30@microsoft.com...
    > Jan,
    > I tried logging on the local account, but could not decrypt. Not sure why.
    > Mikego
    >
    > "Jan Peter Stotz" wrote:
    >
    >> Mike Go schrieb:
    >>
    >> > Stung by EFS!
    >> > Can anyone help me recover my EFS files... I was a stand alone machine
    >> > when
    >> > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then
    >> > I
    >> > joined a domain.
    >>
    >> That should not be a problem with EFS. Use your local account instead of
    >> your new domain account and everything should be fine.
    >>
    >> Jan
    >>
  6. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Sorry for the delay on the response,

    You asked about error messages, when I go to an encrypted file as a stand
    alone user, logging into the stand alone (not connected to the domain)
    machine01, I right click Properties>Advanced> UNCHECK Encrypt this file, all
    goes well until I Apply then I get the "Error Applying Attributes, an error
    occurred applying attributes to the file: File name, access is denied"

    The thumbprints for my certificate as well as the response from EFSinfo.exe
    is the same. However my thumbprint as a domain user is different.

    When I run efsinfo on an encrypted file I get

    Filename.txt: Encrypted
    Users who can decrypt:
    Machine01\Mike Go (Mike Go(Mike Go@SONY))

    Machine01 is the local machine
    Mike Go is my user name
    Not sure what @SONY represents, other than an earlier existance

    Also, could you expalin, MY Store? I went into the MMC, Certificates,
    Personal, Certificates, and there appears two certificates, one with a
    thumbnail from my previous life, and one with a thumbnail associated with my
    domain existance.

    These also appear in the Trusted People > Certificates. Both note that there
    are private keys associated with them. Where would I located these?

    Any help is appreciated.

    THX!,
    Mikego

    "Shreeniwas Kelkar [MSFT]" wrote:

    > Why do you mean by "could not decrypt". Can you be more specific and
    > describe the exact steps you are trying, the error you get, etc.
    >
    > Also, can you see your EFS certificate in the MY store. Does is have a
    > private key associated with it?
    >
    > --
    > Shreeniwas Kelkar [MSFT]
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    >
    >
    > "Mike Go" <MikeGo@discussions.microsoft.com> wrote in message
    > news:EC1E3972-DD2A-4847-84CE-6CD05E16BE30@microsoft.com...
    > > Jan,
    > > I tried logging on the local account, but could not decrypt. Not sure why.
    > > Mikego
    > >
    > > "Jan Peter Stotz" wrote:
    > >
    > >> Mike Go schrieb:
    > >>
    > >> > Stung by EFS!
    > >> > Can anyone help me recover my EFS files... I was a stand alone machine
    > >> > when
    > >> > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then
    > >> > I
    > >> > joined a domain.
    > >>
    > >> That should not be a problem with EFS. Use your local account instead of
    > >> your new domain account and everything should be fine.
    > >>
    > >> Jan
    > >>
    >
    >
    >
  7. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    You said that you opened MMC > Certificates > Personal > Certificates and saw
    a certificate associated with your domain existence. If you are truly logged
    on as the "local user" that you were when you encrypted the files on the
    standalone machine, you would not see a domain certificate in this store.
    (BTW: The Personal store is the MY store.)

    If you encrypted the files as Machine01/Mike Go, you must log in as
    Machine01/Mike Go in order to decrypt them. Don't log on as
    <UserDomain>\Mike Go. (You don't have to disconnect from the domain in order
    to log in with your local machine username.) Hope that helps.

    Thanks.
    Pat

    "Mike Go" wrote:

    > Sorry for the delay on the response,
    >
    > You asked about error messages, when I go to an encrypted file as a stand
    > alone user, logging into the stand alone (not connected to the domain)
    > machine01, I right click Properties>Advanced> UNCHECK Encrypt this file, all
    > goes well until I Apply then I get the "Error Applying Attributes, an error
    > occurred applying attributes to the file: File name, access is denied"
    >
    > The thumbprints for my certificate as well as the response from EFSinfo.exe
    > is the same. However my thumbprint as a domain user is different.
    >
    > When I run efsinfo on an encrypted file I get
    >
    > Filename.txt: Encrypted
    > Users who can decrypt:
    > Machine01\Mike Go (Mike Go(Mike Go@SONY))
    >
    > Machine01 is the local machine
    > Mike Go is my user name
    > Not sure what @SONY represents, other than an earlier existance
    >
    > Also, could you expalin, MY Store? I went into the MMC, Certificates,
    > Personal, Certificates, and there appears two certificates, one with a
    > thumbnail from my previous life, and one with a thumbnail associated with my
    > domain existance.
    >
    > These also appear in the Trusted People > Certificates. Both note that there
    > are private keys associated with them. Where would I located these?
    >
    > Any help is appreciated.
    >
    > THX!,
    > Mikego
    >
    > "Shreeniwas Kelkar [MSFT]" wrote:
    >
    > > Why do you mean by "could not decrypt". Can you be more specific and
    > > describe the exact steps you are trying, the error you get, etc.
    > >
    > > Also, can you see your EFS certificate in the MY store. Does is have a
    > > private key associated with it?
    > >
    > > --
    > > Shreeniwas Kelkar [MSFT]
    > >
    > > This posting is provided "AS IS" with no warranties, and confers no rights.
    > >
    > >
    > > "Mike Go" <MikeGo@discussions.microsoft.com> wrote in message
    > > news:EC1E3972-DD2A-4847-84CE-6CD05E16BE30@microsoft.com...
    > > > Jan,
    > > > I tried logging on the local account, but could not decrypt. Not sure why.
    > > > Mikego
    > > >
    > > > "Jan Peter Stotz" wrote:
    > > >
    > > >> Mike Go schrieb:
    > > >>
    > > >> > Stung by EFS!
    > > >> > Can anyone help me recover my EFS files... I was a stand alone machine
    > > >> > when
    > > >> > I encrypted, I didn't create a recovery agent (bad, bad, bad) and then
    > > >> > I
    > > >> > joined a domain.
    > > >>
    > > >> That should not be a problem with EFS. Use your local account instead of
    > > >> your new domain account and everything should be fine.
    > > >>
    > > >> Jan
    > > >>
    > >
    > >
    > >
Ask a new question

Read More

Data Recovery Domain Backup Security Microsoft Windows XP