Real Geek Forums > Archives > Operating Systems > Windows XP > Windows XP Security & Administration > De-encrypting files

De-encrypting files

Posted: 10-31-2003, 04:11 PM
Roger Bradley
Guest
Posts: n/a
 
I recently upgraded my motherboard. Everything went very
smoothly. I re-installed XP Pro. I'd backed up all my
data and had no problems getting things back to normal.
Apart from an excel spreadsheet that was encrypted when I
backed up.
Now when I try to open it I get a message telling me the
file is encrypted and cannot be opened.
I've tried to un-encrypt it but I get an error message
telling me access is denied.
When I right click on the file, select Properties /
Advanced then Details, under Users Who can Transparently
Access This file is my name and a Certificate Thumbprint.
This I assume is from my previous install and is the
reason I cannot access the file. I've tried adding my
current certificate but get an error window titled, EFSADU
saying "Error in adding new user(s). Error Code 5"
I've tried to add myself as a Data Recovery Agent but get
an error message when I select my certificate saying The
File contains no certificates suitable for Encrypted File
System Recovery. Please select another file or user.
I'm stuck. If anyone can help it would be appreciated.

Reply With Quote

Responses to "De-encrypting files"

Jupiter Jones [MVP]
Guest
Posts: n/a
 
Re: De-encrypting files
Posted: 10-31-2003, 04:59 PM
Roger;
Are you sure it is not an Ownership issue:
http://support.microsoft.com/?kbid=308421

If the files are encrypted.
If you did not back-up the encryption key or the Recovery Agent and
are not on a domain, the files are as good as gone.
This must be accomplished while you have access to the files.
If you have not already done so, it is now to late.

If you can restore the original profile (not recreate) and know the
password, you may be able to recover the data.
Recreating profiles and passwords is irrelevant.
Contact Microsoft if you can restore the profile.
Or:
http://www.beginningtoseethelight.or...very/index.php

EFS is very good at what it does and there is no back door.
Read and understand these links before using EFS to keep from
permanently losing your data:
http://www.microsoft.com/windowsxp/p...ry/default.asp
(58 pages)
http://support.microsoft.com/?id=223316

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/p...oups/setup.asp
http://dts-l.org/index.html


"Roger Bradley" <roger.bradley@ntlworld.com> wrote in message
news:000701c39fc9$9509dbc0$a301280a@phx.gbl...
> I recently upgraded my motherboard. Everything went very
> smoothly. I re-installed XP Pro. I'd backed up all my
> data and had no problems getting things back to normal.
> Apart from an excel spreadsheet that was encrypted when I
> backed up.
> Now when I try to open it I get a message telling me the
> file is encrypted and cannot be opened.
> I've tried to un-encrypt it but I get an error message
> telling me access is denied.
> When I right click on the file, select Properties /
> Advanced then Details, under Users Who can Transparently
> Access This file is my name and a Certificate Thumbprint.
> This I assume is from my previous install and is the
> reason I cannot access the file. I've tried adding my
> current certificate but get an error window titled, EFSADU
> saying "Error in adding new user(s). Error Code 5"
> I've tried to add myself as a Data Recovery Agent but get
> an error message when I select my certificate saying The
> File contains no certificates suitable for Encrypted File
> System Recovery. Please select another file or user.
> I'm stuck. If anyone can help it would be appreciated.
>

Reply With Quote
Roger Abell [MVP]
Guest
Posts: n/a
 
Re: De-encrypting files
Posted: 11-01-2003, 06:54 PM
You are correct that the EFS information is referring to the
account that existed in the prior system.
Adding an allowed account can only be done by an account
that can decrypt the EFS protected file.
Adding a DRA at this time will not help. That needed to be
done before the file was last successfully accessed. The
certificate/key pair needed for a DRA is obtained by use of
the cipher commandline utility.

At this point, in order to access the file you will need the
previously exported EFS key from the prior account, or
there are ways if you have the full, undisturbed profile of
the prior account and know what its password was, or you
could restore the entire prior system from a full backup with
system state included. If you were in an uplevel domain then
you may have other alternatives using the domain-level DRA.

--
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCDBA, MCSE W2k3+W2k+Nt4
"Roger Bradley" <roger.bradley@ntlworld.com> wrote in message
news:000701c39fc9$9509dbc0$a301280a@phx.gbl...
> I recently upgraded my motherboard. Everything went very
> smoothly. I re-installed XP Pro. I'd backed up all my
> data and had no problems getting things back to normal.
> Apart from an excel spreadsheet that was encrypted when I
> backed up.
> Now when I try to open it I get a message telling me the
> file is encrypted and cannot be opened.
> I've tried to un-encrypt it but I get an error message
> telling me access is denied.
> When I right click on the file, select Properties /
> Advanced then Details, under Users Who can Transparently
> Access This file is my name and a Certificate Thumbprint.
> This I assume is from my previous install and is the
> reason I cannot access the file. I've tried adding my
> current certificate but get an error window titled, EFSADU
> saying "Error in adding new user(s). Error Code 5"
> I've tried to add myself as a Data Recovery Agent but get
> an error message when I select my certificate saying The
> File contains no certificates suitable for Encrypted File
> System Recovery. Please select another file or user.
> I'm stuck. If anyone can help it would be appreciated.
>

Reply With Quote
Adam Orden
Guest
Posts: n/a
 
Re: De-encrypting files
Posted: 11-02-2003, 11:22 PM
Roger,
I have a similar problem. Maybe you can help.

I encrypted some data files a few weeks ago.

I saved my entire user profile to a backup partition.
I reinstalled ( complete ) WinXP Prof.
Now I cannot decrypt those files.
Idid not make or export my data recovery certificate.
However, as I stated I have the entire user profile saved.

Is it possible to get permissions restored to decrypt these files.
Is so how?
Please be as detailed as possible.
Thanks.


"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
news:#tFATmKoDHA.2536@tk2msftngp13.phx.gbl...
> You are correct that the EFS information is referring to the
> account that existed in the prior system.
> Adding an allowed account can only be done by an account
> that can decrypt the EFS protected file.
> Adding a DRA at this time will not help. That needed to be
> done before the file was last successfully accessed. The
> certificate/key pair needed for a DRA is obtained by use of
> the cipher commandline utility.
>
> At this point, in order to access the file you will need the
> previously exported EFS key from the prior account, or
> there are ways if you have the full, undisturbed profile of
> the prior account and know what its password was, or you
> could restore the entire prior system from a full backup with
> system state included. If you were in an uplevel domain then
> you may have other alternatives using the domain-level DRA.
>
> --
> Roger Abell
> Microsoft MVP (Windows Server System: Security)
> MCDBA, MCSE W2k3+W2k+Nt4
> "Roger Bradley" <roger.bradley@ntlworld.com> wrote in message
> news:000701c39fc9$9509dbc0$a301280a@phx.gbl...
> > I recently upgraded my motherboard. Everything went very
> > smoothly. I re-installed XP Pro. I'd backed up all my
> > data and had no problems getting things back to normal.
> > Apart from an excel spreadsheet that was encrypted when I
> > backed up.
> > Now when I try to open it I get a message telling me the
> > file is encrypted and cannot be opened.
> > I've tried to un-encrypt it but I get an error message
> > telling me access is denied.
> > When I right click on the file, select Properties /
> > Advanced then Details, under Users Who can Transparently
> > Access This file is my name and a Certificate Thumbprint.
> > This I assume is from my previous install and is the
> > reason I cannot access the file. I've tried adding my
> > current certificate but get an error window titled, EFSADU
> > saying "Error in adding new user(s). Error Code 5"
> > I've tried to add myself as a Data Recovery Agent but get
> > an error message when I select my certificate saying The
> > File contains no certificates suitable for Encrypted File
> > System Recovery. Please select another file or user.
> > I'm stuck. If anyone can help it would be appreciated.
> >
>
>

Reply With Quote
 
LinkBack Thread Tools Display Modes
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
Encrypting offline files Taxee Windows Vista Security 0 08-09-2007 08:44 PM
encrypting files Damion Windows XP Security & Administration 4 04-28-2004 08:32 AM
Encrypting & Decrypting files. Stephen Windows XP Security & Administration 2 10-05-2003 01:09 AM
Encrypting Files Bill Martin Windows XP Basics 3 09-21-2003 04:12 AM
Encrypting files on a CDRW Brian Windows XP Basics 1 09-11-2003 07:43 AM