Sign in with
Sign up | Sign in
Your question

changed password and efs

Last response: in Windows XP
Share
April 7, 2005 7:20:47 PM

Archived from groups: microsoft.public.windows.server.active_directory,microsoft.public.windows.server.general,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

hi,
i apologise for cross-posting:

i have recently changed the domain administrator password but i have set a
so complicated one and i was so tired when i did it that i have forgotten it
(please don't start flames about this, i *know* i was wrong in this). but
few days before that, i have exported my certificate and private key onto my
usb stick. i am using the administrator account (yes, i *know* i shouldn't
have run as administrator, please don't start flaming) and so i am the
recovery agent too. so i wonder: if i reset my password (no, unfortunately i
have not made a password reset disk and also i have no back-up of my
ntds.dit before the password change) logging in as another member of
administrators group, and then login as administrator and import back my
certificate and private key, will i be able to access my efs files?
thank you very very much.
dc is windows 2003 sp1 with native 2003 ad mode

More about : changed password efs

Anonymous
April 7, 2005 7:20:48 PM

Archived from groups: microsoft.public.windows.server.active_directory,microsoft.public.windows.server.general,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin (More info?)

You should still be able to use your EFS RA. Password changes and EFS only
apply to XP Pro/Windows 2003 local user accounts not domain accounts. Having
said that it would still be smart to create another RA for the domain that
would be able to recover EFS files that were created after it was
implemented or for files that have been opened since the new EFS RA was in
place. There is nothing wrong with writing your password down if it is
stored in a safe place, preferably in a sealed envelope - maybe at home in
your socks drawer. See the link below for more details. Keep in mind that
your EFS private key is also protected by a password that you gave it via a
..pfx file at the time of export. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;309408

"Ion" <groups@google.com> wrote in message
news:o fYc8w2OFHA.2132@TK2MSFTNGP14.phx.gbl...
> hi,
> i apologise for cross-posting:
>
> i have recently changed the domain administrator password but i have set a
> so complicated one and i was so tired when i did it that i have forgotten
> it
> (please don't start flames about this, i *know* i was wrong in this). but
> few days before that, i have exported my certificate and private key onto
> my
> usb stick. i am using the administrator account (yes, i *know* i shouldn't
> have run as administrator, please don't start flaming) and so i am the
> recovery agent too. so i wonder: if i reset my password (no, unfortunately
> i
> have not made a password reset disk and also i have no back-up of my
> ntds.dit before the password change) logging in as another member of
> administrators group, and then login as administrator and import back my
> certificate and private key, will i be able to access my efs files?
> thank you very very much.
> dc is windows 2003 sp1 with native 2003 ad mode
>
>
!