Mittwoch, 9. Januar 2013 08:56
Mittwoch, 9. Januar 2013 09:07
the files which you are trying to access are encrypted. when you encrypt a file or folder, a key automatically will generate and placed in your certificate folder. then each time you want to open the encrypted files, first it checks your local certificate folder to see if the key is still in the folder. once you re-install your OS it will be dumped unless you have planned before and created a backup for that certificate.
I suggest you try to restore you previously backed up certificate in the certificate folder. frankly saying if you have not backed up your certificate there is no simple way to recover your lost files but there used to be third party recovery tools for recovering process back in 2003 age.
have you backed up your certificate before?
Mittwoch, 9. Januar 2013 11:28
So where is this certificate folder?
I've saved some .cer files, but having installed them, nothing happened again.
Mittwoch, 9. Januar 2013 12:59
A key concept for EFS (Encrypted File System) is the DRA (Data Recovery Agent).
Please read here for some background information about how EFS works (http://technet.microsoft.com/en-us/library/cc875821.aspx)
What happend in your case?
The user encrypted his files/folders with the use of a personal user certificate. This certificate (with public and private key) is stored on the local machine (In the local store\peronal). When the user encrypts their files\folders, the private key part of the certificate is used for the encryption. Upon reinstallation of the machine, the certificates in the personal store (on the local computer) are removed, that means that the required certificate (with the private key (to decrypt the files) is lost).
If I remember correct, there is no way to recover those files without having:
- Either the original user certificate (with corresponding private key); The .CERs you exported probably only have the public key part of the certificate
- A designated KRA (Key Recovery Agent) or some one with access to the recovery key (By default, the built-in Administrator account for a domain is a recovery agent)
* Your question: You can view local (user and computer) certificates using the Mircrosoft Management Console (MMC) > Adding the Certificates snap-in
"The beginning of knowledge is the discovery of something we do not understand."
- Als Antwort markiert K_evin ZhuMicrosoft Contingent Staff, Moderator Dienstag, 5. Februar 2013 06:13
Donnerstag, 10. Januar 2013 06:59
if you have backed up your certificates before you are supposes to install them in "Personal" folder of certmgr.msc .becuase the certificates which belong to EFS are stored in personal folder. by the way there are computer certificates and user certificates. for importing the certificates which you have backed up:
Run>MMC>File menu>add remove snap ins>Certificates>My user account>Finish>ok
then you right click the "Personal" folder and choose"All task" and click "Import" and follow the wizard.