Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > How to identify files that have been encrypted with EFS?

How to identify files that have been encrypted with EFS?

Forum Windows 2000/NT : Windows 2000/NT General Discussion - How to identify files that have been encrypted with EFS?

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   02-01-2005 at 04:51:05 PM

Archived from groups: microsoft.public.win2000.security (More info?)

 

Hello,

How do I go about identifying files that my users have encrypted with EFS?

I'm going to disable it, but want to make sure that I can identify what
files are encrypted (through some command line means, I'm not going to look
through every folder in windows explorer).

Also, when I delete the default DRA that's in place, will any encrypted
files that I've missed suddenly become useless? Will the user be able to
decrypt them, but not encrypt them? Or can they still use them normally?

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   02-02-2005 at 03:50:06 AM
- 0 +

Archived from groups: microsoft.public.win2000.security (More info?)

 

Hi Daniel,

I am not sure about Windows 2000, but in Windows XP there is a tool called
"Cipher". If you run it as

cipher /s:c:\

it will list your files and their properties (encrypted or unencrypted).

If you remove DRA users will still be able to open the files as long as they
have their private keys. If they for some reason they lose their keys, there
will be no "backup keys" since you removed your DRA.

--
Mike
Microsoft MVP - Windows Security

"Daniel Peterson" <pythas@hotmail.com> wrote in message
news:OL5DfdJCFHA.2568@TK2MSFTNGP11.phx.gbl...
> Hello,
>
> How do I go about identifying files that my users have encrypted with EFS?
>
> I'm going to disable it, but want to make sure that I can identify what
> files are encrypted (through some command line means, I'm not going to
> look through every folder in windows explorer).
>
> Also, when I delete the default DRA that's in place, will any encrypted
> files that I've missed suddenly become useless? Will the user be able to
> decrypt them, but not encrypt them? Or can they still use them normally?
>

Reply to Anonymous
Anonymous   02-04-2005 at 12:41:53 AM
- 0 +

Archived from groups: microsoft.public.win2000.security (More info?)

 

Daniel Peterson wrote:

> How do I go about identifying files that my users have encrypted
> with EFS?
>
> I'm going to disable it, but want to make sure that I can identify
> what files are encrypted (through some command line means, I'm not
> going to look through every folder in windows explorer).
Hi

Using a VBScript is an option:

http://groups.google.co.uk/groups? [...] 12.phx.gbl



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/s [...] fault.mspx

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > How to identify files that have been encrypted with EFS?
Go to:

There are 1086 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 1.513 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
How do I win badges?