RE: Recovery agent for EFS, how can i get it done PLEASE HELP
- From: "savvy95" <savvy95@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 20 Apr 2005 11:48:01 -0700
OK. Let's try this.....
Logon as user
MMC >> Add snap-in Cert for user account>> personal >> Right click All
Tasks >> Request New Certificate >> Cert Type: EFS Recovery Agent, click
Advanced>>NEXT>>NEXT, Now your on the "Certification Authority" page....
Which server will respond to your request?
I just did this from an XP to 2003 CA
"XP_2600" wrote:
> I did that man, but when i try to add it as a recovery agent i get
> "---------------------------
> Add Recovery Agent
> ---------------------------
> The selected user has no certificates suitable for Encrypted File System
> Recovery and cannot be added as a recovery agent.
> Select another user.
> ---------------------------
> OK
> ---------------------------"
> Even if i did encrypt and decrypt files using the account.
> is it suppose to be a bug ???
>
> "XP_2600" wrote:
>
> > Guys i need your help, i have a windows 2003 server entrprise (upgraded from
> > Windows 2000 advanced server sometime ago) i noticed that an employee
> > encrypted some files and that wasnt allowed ( i didnt moved the allow
> > encrypting files from the GP :( ) anyway i logged with the administrator
> > which suppose to be able to recover the encypted files but its didnt do it,
> > anyway i decrypt the files using the user account, but now i wanna add a
> > reliable recovery agent, everytime i choose an account to be a recover agent
> > (an account from domain administrators) i get this error "Add Recovery Agent
> > ---------------------------
> > The selected user has no certificates suitable for Encrypted File System
> > Recovery and cannot be added as a recovery agent.
> > Select another user.
> > ---------------------------
> > OK
> > ---------------------------"
> > i tried to install CA and then i tried to request certificate but i get this
> > error "---------------------------
> > Certificate Request Wizard
> > ---------------------------
> > The certificate cannot be installed because of one or more of the following
> > conditions:
> > - There is a problem with your cryptographic hardware.
> > - The cryptographic service provider (CSP) that created the request is
> > malfunctioning.
> > The error was: Keyset does not exist
> > ---------------------------
> > OK
> > ---------------------------"
> >
> > even if i see in the CA that the certificate has been issued and there is no
> > faild certificates, i tried to skip this thing too and export the user
> > certificate and then use it as recovery agent instead of choosing user name
> > its success but the user who suppose to be recovery agent couldnt recover
> > files too, i think he could recover folders only or at least thats whats
> > happend with me
> >
> > When i tried to choose create recovery agent i got this error:
> > "---------------------------
> > Public Key Policies
> > ---------------------------
> > Windows cannot create a data recovery agent. Keyset does not exist
> > ---------------------------
> > OK
> > ---------------------------"
> > I know its complex and long post but please try to help me, thanks so much
> >
> >
> >
.
- References:
- Prev by Date: Re: Invalid Syntax - The parameter is incorrect.
- Next by Date: Re: Invalid Syntax - The parameter is incorrect.
- Previous by thread: RE: Recovery agent for EFS, how can i get it done PLEASE HELP
- Next by thread: how to find ADC and DC
- Index(es):
Relevant Pages
|
