P
Patrick Zook
Is it possible to restore an individuals AD User ID/GUID
from backup?
The issue:
A user encrypted files (not a folder)on their XP Pro
laptop but the user was removed from AD before the
encrypted files were de-crypted. The recovery Agent was
the local machine administrator but it was still unable to
de-crypt the files. I went to add the administrator
certificate to encrypted files but was denied. I went
through may differnet loops to find a way to decrypt the
files: using NTbackup and e-mailing them to the Recovery
Agent (also the domain admin) but was still unable to
decrypt the files. Tried different Security Policy
imports of PFX files but was still unsuccessful.
I also re-created the use and logged into the laptop but
since the GUID is different than the origianl user a new
profiles (username.domain) is created still denying access
to decrypt the files. I am not sure what to do at this
time. The thought was to restore a Domain Controller on a
standalone machine and have the laptop authenticate to
that machine with the original user id and then decrypt
the files.
We even tried decrypting programs and still unsuccessful.
If there is anyone there that can give me any help it
would be very much appreciated.
Thanks,
Patrick
from backup?
The issue:
A user encrypted files (not a folder)on their XP Pro
laptop but the user was removed from AD before the
encrypted files were de-crypted. The recovery Agent was
the local machine administrator but it was still unable to
de-crypt the files. I went to add the administrator
certificate to encrypted files but was denied. I went
through may differnet loops to find a way to decrypt the
files: using NTbackup and e-mailing them to the Recovery
Agent (also the domain admin) but was still unable to
decrypt the files. Tried different Security Policy
imports of PFX files but was still unsuccessful.
I also re-created the use and logged into the laptop but
since the GUID is different than the origianl user a new
profiles (username.domain) is created still denying access
to decrypt the files. I am not sure what to do at this
time. The thought was to restore a Domain Controller on a
standalone machine and have the laptop authenticate to
that machine with the original user id and then decrypt
the files.
We even tried decrypting programs and still unsuccessful.
If there is anyone there that can give me any help it
would be very much appreciated.
Thanks,
Patrick