EFS Recovery


szebarjadi@gmail.com
09-13-2006, 09:08 PM
Hi all,

I know this has been covered here before, and my apologies for bringing
it up again. Couldn't seem to find the exact answer to my question
with a search...

Here's the scenario:

- I had a laptop imaged with Win XP Pro and had encrypted my PST file.

- Recently, our company was acquired and they went through and reimaged
all of the machines and migrated everyone over to a new domain. (I
totally forgot to back up my keys, etc.)
- I tried recovering the file on the new image (new domain w/new
credentials), and realized that I couldn't access it.
- I have a test box which I had a domain admin add back on the previous
domain. I logged in using my old domain credentials and it shows me as
a user with transparent access to the file, and also as the owner.
- I try to uncheck the encryption, and it says access denied.

So...what are my options? Do I have to ask a domain admin to export
the data recovery agent keys and then import them on my box? Is the
reason it's not working because my test box is a Windows 2003 Server,
and not XP Pro like the platform that the file was encrypted on? If I
were to reformat this machine with XP Pro and get it back to the same
platform, and then use my old domain credentials, will I have access to
decrypt the file? Or because I didn't back up my cert/key, is the only
way out to use the cert for the data recovery agent?

Thanks in advance for your thoughts/comments!
/s

Steven L Umbach
09-14-2006, 02:07 AM
I think your best bet would be to see if the RA can recover the files.
Another option is to use the EFS recovery program from Elcomsoft. It will
search your computer for any EFS private keys and then if you can enter the
correct password for that user account you should be able to access your
files. Their free version will let you know if it can find any EFS private
keys and decrypt a small portion of your files to let you know it will work.
The full version is $100.

Steve

http://www.elcomsoft.com/aefsdr.html

<szebarjadi@gmail.com> wrote in message
news:1158178089.848312.24540@m73g2000cwd.googlegroups.com...
> Hi all,
>
> I know this has been covered here before, and my apologies for bringing
> it up again. Couldn't seem to find the exact answer to my question
> with a search...
>
> Here's the scenario:
>
> - I had a laptop imaged with Win XP Pro and had encrypted my PST file.
>
> - Recently, our company was acquired and they went through and reimaged
> all of the machines and migrated everyone over to a new domain. (I
> totally forgot to back up my keys, etc.)
> - I tried recovering the file on the new image (new domain w/new
> credentials), and realized that I couldn't access it.
> - I have a test box which I had a domain admin add back on the previous
> domain. I logged in using my old domain credentials and it shows me as
> a user with transparent access to the file, and also as the owner.
> - I try to uncheck the encryption, and it says access denied.
>
> So...what are my options? Do I have to ask a domain admin to export
> the data recovery agent keys and then import them on my box? Is the
> reason it's not working because my test box is a Windows 2003 Server,
> and not XP Pro like the platform that the file was encrypted on? If I
> were to reformat this machine with XP Pro and get it back to the same
> platform, and then use my old domain credentials, will I have access to
> decrypt the file? Or because I didn't back up my cert/key, is the only
> way out to use the cert for the data recovery agent?
>
> Thanks in advance for your thoughts/comments!
> /s
>

szebarjadi@gmail.com
09-14-2006, 02:43 PM
Nope didn't work...even though I put in the password for the EFS keys
it found. It still showed a bunch of files that were not able to
decrypt (EFS files and encrypted files).

Any other thoughts?

Thanks,
/s

Steven L Umbach wrote:
> I think your best bet would be to see if the RA can recover the files.
> Another option is to use the EFS recovery program from Elcomsoft. It will
> search your computer for any EFS private keys and then if you can enter the
> correct password for that user account you should be able to access your
> files. Their free version will let you know if it can find any EFS private
> keys and decrypt a small portion of your files to let you know it will work.
> The full version is $100.
>
> Steve
>
> http://www.elcomsoft.com/aefsdr.html

Steven L Umbach
09-14-2006, 07:12 PM
Nope. At this point unless the RA is successful I would think those files
are not recoverable. You could always contact MS for support if the files
are worth that cost to you but I would be surprised if they can help you
recover them.

Steve


<szebarjadi@gmail.com> wrote in message
news:1158241415.389036.5800@d34g2000cwd.googlegroups.com...
> Nope didn't work...even though I put in the password for the EFS keys
> it found. It still showed a bunch of files that were not able to
> decrypt (EFS files and encrypted files).
>
> Any other thoughts?
>
> Thanks,
> /s
>
> Steven L Umbach wrote:
>> I think your best bet would be to see if the RA can recover the files.
>> Another option is to use the EFS recovery program from Elcomsoft. It will
>> search your computer for any EFS private keys and then if you can enter the
>> correct password for that user account you should be able to access your
>> files. Their free version will let you know if it can find any EFS private
>> keys and decrypt a small portion of your files to let you know it will work.
>> The full version is $100.
>>
>> Steve
>>
>> http://www.elcomsoft.com/aefsdr.html
>