Re: De-crypting a File -- User ID changed!!

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Rick \ (rick_at_mvps.org)
Date: 12/11/04 

Date: Fri, 10 Dec 2004 22:37:51 -0500

Hi,

It's not working because the SID is different on the other machine. Simply
using an account with the same name is not sufficient. Every account on any
machine is assigned a different security descriptor (SID), they are not
interchangeable, nor does using a backup tool allow you to migrate them from
one machine to another. 

-- 
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Associate Expert - WindowsXP Expert Zone
www.microsoft.com/windowsxp/expertzone
Windows help - www.rickrogers.org
"Jim Y." <jjy0912@hotmail.com> wrote in message 
news:Or4lHyy3EHA.3616@TK2MSFTNGP09.phx.gbl...
>I got a new computer.
>
> On the old computer, the files were owned by 'js'.  I backed up everything 
> on an external HD, then connected the HD to the new computer, and 
> restored.
>
> However, the new computer account was 'John', so I restored as 'John' (on 
> first boot of a new computer, XP setup prompts you for the primary user 
> and not thinking I entered the name and not the user ID I desired). 
> Wanting the new computer to have the same setup as the old one, I realized 
> the user IDs were different, and I changed them, not thinking about the 
> handful of encrypted files.
>
> I partitioned the new computer drive, so the data (My Documents, etc) 
> would reside on drive D. As I was moving the structure (using TweakUI) 
> from C:\Documents and Settings.... I got errors on the encrypted files.
>
> Good news though (just realized this)! I still have the old computer and 
> just un-encrypted the original set of files, so I can copy them over in 
> un-encrypted form. I will reconnect the external drive (USB) to the old 
> computer and try to un-encrypt them there too, as I cannot open them from 
> the new computer, and they were created from the old computer.
>
> However the original problem, in principle, still exists. On the new 
> computer, I will try renaming the user back to 'John', un-encrypt, and 
> then rename the user back to 'js'. I will post my results.
>
> I'll not mess with encryption again ;-)
>
> Thanks for the help and I'll let you know what happens.
>
> Jim
>
>
> "Pat Hoffer [MSFT]" <pathoff@online.microsoft.com> wrote in message 
> news:CE4CEF4F-756F-4F7C-A6CA-E44DB64082DB@microsoft.com...
>>I just tried this on a WXPsp2 PRO (workgroup) and I saw not problem:
>> 1. Log on as "John" and encrypt two files.
>> 2. Change name of account to "js."
>> 3. Log on as "js" and decrypt both files.
>> (Note: the username in the profile path is still listed as "John.")
>>
>> What did you do that's different from above?
>> (BTW: a non-domain WXP does not have a recovery agent by default.)
>>
>> Thanks.
>> Pat
>>
>> "Jim Y." wrote:
>>
>>> Hi there,
>>>
>>> Running Win XP SP2.
>>>
>>> I am trying to un-encrypt a file I created. Here's what I believe the
>>> problem is:
>>>
>>> (Assume user's name is John Smith)
>>>
>>> User ID was the first name of user; I created the file as user ID 'John'
>>> and then encrypted it.
>>> I then renamed my user account to initials of the user, 'js'.
>>>
>>> Now I cannot un-encrypt the file as user 'js', as per KB article
>>> http://support.microsoft.com/default.aspx?scid=kb;en-us;250494 -- In
>>> fact I can't do anything with it; copy move, open, etc.
>>>
>>> From KB article: "To resolve this behavior, the file must be decrypted
>>> by the user who encrypted the file, or by the designated Recovery
>>> agent."
>>>
>>> Who is a designated Recovery agent, the XP Administrator account?
>>>
>>> User ID 'js' (formerly 'John') is in the Administrator's group, but
>>> still no luck.
>>>
>>> Ok, should I temporarily rename the User ID back to 'John' and then
>>> un-encrypt? Will renaming the user account back to the original ID
>>> satisfy the decryption check?
>>>
>>> I ask, because I don't want to exasperate the situation by a
>>> trial-and-error situation.
>>>
>>> Help, please. Thanks.
>>>
>>> Jim
>>>
>>>
>

Relevant Pages

  • Re: De-crypting a File -- User ID changed!!
    ... However, the new computer account was 'John', so I restored as 'John' ... computer and try to un-encrypt them there too, ... I'll not mess with encryption again;-) ...
    (microsoft.public.windowsxp.general)
  • Re: De-crypting a File -- User ID changed!!
    ... However, the new computer account was 'John', so I restored as 'John' ... computer and try to un-encrypt them there too, ... I'll not mess with encryption again;-) ...
    (microsoft.public.windowsxp.security_admin)
  • Re: De-crypting a File -- User ID changed!!
    ... using an account with the same name is not sufficient. ... > computer and try to un-encrypt them there too, as I cannot open them from ... > I'll not mess with encryption again;-) ... Log on as "John" and encrypt two files. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: De-crypting a File -- User ID changed!!
    ... Jim Y. wrote: ... > I am trying to un-encrypt a file I created. ... > Who is a designated Recovery agent, the XP Administrator account? ...
    (microsoft.public.windowsxp.security_admin)
  • Re: De-crypting a File -- User ID changed!!
    ... Jim Y. wrote: ... > I am trying to un-encrypt a file I created. ... > Who is a designated Recovery agent, the XP Administrator account? ...
    (microsoft.public.windowsxp.general)