encrypted windows 2000 folder problem.

  • Thread starter Thread starter FudanEletronPhysics78
  • Start date Start date
F

FudanEletronPhysics78

Hi, greeting:

I have an encrypted folder in windows 2000 filesystem. Now I want to
deencrypt this folder. But anytime when I try to do so, it fails. I
could not open any files inside this folder. I can move this folder
and the its files to another folder in the save drive but not to
another drive. I cannot copy this folder and its files to any place
including another folder in the same drive. I can change permission of
the folder and its files. Any people have see this kind problem
before?

Thanks

CS
 
In FudanEletronPhysics78 <[email protected]> had this to say:

My reply is at the bottom of your sent message:
Hi, greeting:

I have an encrypted folder in windows 2000 filesystem. Now I want to
deencrypt this folder. But anytime when I try to do so, it fails. I
could not open any files inside this folder. I can move this folder
and the its files to another folder in the save drive but not to
another drive. I cannot copy this folder and its files to any place
including another folder in the same drive. I can change permission
of the folder and its files. Any people have see this kind problem
before?

Thanks

CS
Click to expand...

What happens if you try to do something sneaky like burn them to CD?

Galen
--

"You know that a conjurer gets no credit when once he has explained his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after all."

Sherlock Holmes
 
Hi, greeting:

I have an encrypted folder in windows 2000 filesystem. Now I want to
deencrypt this folder. But anytime when I try to do so, it fails. I
could not open any files inside this folder. I can move this folder
and the its files to another folder in the save drive but not to
another drive. I cannot copy this folder and its files to any place
including another folder in the same drive. I can change permission of
the folder and its files. Any people have see this kind problem
before?

Thanks

CS
Click to expand...
Have you deleted your profile or rebuilt the computer recently? If so,
did you back up your EFS certificate and private key.
Load the WIndows 2000 Support Tools and run "efsinfo /r /u /c"
This will give you the thumbprints of the certificates required to
decrypt the files. There will be both a user and recovery agent
certificate that can be used.

Finally, load the Certificates MMC console focused on the Current User.
Ensure that you have:
- a certificate with the same thumbprint shown in the EFSINFO output
- You have the private key associated with the certificate (shown on the
General tab)

My guess, you rebuilt, did not backup the private key, so it is not in
your profile. Unless you have a PKCS#12 backup, your files are gone for
good

Brian
 
Thanks Brian:

When I have problem of Radias on my desktop. The guy from helpdesk who
try to fix it deleted my profile and rebuilt it. Looks like my EFS
certificate is gone. So does all my files ;(((((
 
Hi Brian,
This is the return when I run efsinfo /r /u /c
Anyway to use it for recovery?


ebook: Encrypted
Users who can decrypt:
PROG1\cshen (CN=cshen,L=EFS,OU=EFS File Encryption Certificate)
Certificate thumbprint: 29A3 948F 975C E385 953E 55FA C52C B8A8
DD3F 31D7
Recovery Agents:
PROG1\LANAdmin (OU=EFS File Encryption Certificate, L=EFS,
CN=Administrator)
Certificate thumbprint: C330 61BE 9F3B 7D6F C1F2 71F3 218B 8041
8CD6 C67D
 
PROG1\LANAdmin (OU=EFS File Encryption Certificate, L=EFS,
CN=Administrator)
Certificate thumbprint: C330 61BE 9F3B 7D6F C1F2 71F3 218B 8041
8CD6 C67D
Click to expand...
Is your computer named PROG1, or is it the domain?
You could possibly recover the data if the Prog1\LANAdmin user logged in
at the computer, imported the recovery agent certificate and private
key, and then decrypted your files.

Brian
 
Just to add to what Brian's comments you may want to inform the helpdesk or
your administrator of what happened to hopefully help prevent this from
happening to other users if there is no domain Recovery Agent. They should
routinely ask/remind users to see if they are using EFS encryption before
anything is done to alter the users profile or reinstall the operating
system. The link below may be helpful to someone in your organization and
for Windows 2000 someone should always try logging on as the built in
administrator account for the computer to try and access and decrypt the
files [they may need to take ownership first] since by default that would
be the Recovery Agent and the local RA private key probably is still on the
computer. Also if your data was very important there is a possibility that
you may be able to recover your EFS private key [stored in user profile]
since deleted files are usually not really deleted right away and there are
many programs that will attempt to recover deleted files. If that is the
case you may however need the help of paid Microsoft support to attempt to
recover the files. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
 
Back
Top