sorry for my english, I am from Italy
1) assign to the new system the old sid
get the old sid from the name of the folder that contain the private
key
C:\Documents and Settings\username\Application
Data\Microsoft\Crypto\RSA\S-1-5-21-1390067357-507921405-1708537768-1109
to give the new sid ( in my system
S-1-5-21-1390067357-507921405-1708537768 ) use newsid
http://www.sysinternals.com/ntw2k/source/newsid.shtml
2) on the new system you must have a user with the same uid of the
user that encrypted, you can get the uid the name of the folder that
contain the private key (in my system 1109)
to chek the user uid use efsinfo from Microsoft, if you not have user
with that uid create users until the user with the right uid (the uid
is progressivly generated)
you can also use the administrator (uid 500), that is default efs
recovery agent, in that case you must use the administrator's keys
to the user you must assign the same password of the user who
encrypted and administrators right
3)you must copy on the new machine the folders:
C:\Documents and Settings\utentechehacriptato\Application
Data\Microsoft\Crypto
C:\Documents and Settings\utentechehacriptato\Application
Data\Microsoft\Protect
C:\Documents and Settings\utentechehacriptato\Application
Data\Microsoft\SystemCertificates
in the profile folder of the user with the same uid, overwriting
existing files
4) to decrypt you must logon with that user
if you have any problem write me (e-mail address removed)
hi
Enrico
