Re: sbs installation and clients not opening encrypted files

From: Damian N Leibaschoff [MSFT] (damianl_at_online.microsoft.com)
Date: 03/17/04 

Date: Wed, 17 Mar 2004 12:34:47 -0600

This is the 2K version, it should still work:

http://www.microsoft.com/downloads/details.aspx?FamilyID=9c70306d-0ef3-4b0c-ab61-81da208f5c47&DisplayLang=en

Regards,
Damian 

-- 
Damian N. Leibaschoff, MS IST, MCSE
Microsoft Corporation
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bryce" <fukuzzz@takethisout.hotmail.com> wrote in message
news:%23GJcKGEDEHA.1456@TK2MSFTNGP09.phx.gbl...
> I got to that folder in the cmd.exe and I typed in efsinfo /r /u
"filename"
> and it says that 'efsinfo' is not recognized as an intenal or external
> command, operable program or batch file.
>
> Any hints?
>
>
> "Damian N Leibaschoff [MSFT]" <damianl@online.microsoft.com> wrote in
> message news:O3tFnc7CEHA.2804@tk2msftngp13.phx.gbl...
> > Was this machine a member of another domain before? If so, then using
the
> > local admin will not work.
> >
> > Check the following article:
> >
> >
> > 255742 Methods for Recovering Encrypted Data Files
> > http://support.microsoft.com/?id=255742
> >
> > Regards,
> > Damian
> >
> > -- 
> > Damian N. Leibaschoff, MS IST, MCSE
> > Microsoft Corporation
> >
> > Get Secure! - www.microsoft.com/security
> >
> > =====================================================
> >
> > When responding to posts, please "Reply to Group" via
> >
> > your newsreader so that others may learn and benefit
> >
> > from your issue.
> >
> > =====================================================
> >
> > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> > "Bryce" <fukuzzz@takethisout.hotmail.com> wrote in message
> > news:Opc01f6CEHA.3748@TK2MSFTNGP11.phx.gbl...
> > > I logged in locally using Aministrator and my old password and I got
in.
> > > However, I was still denied access on the encrypted files.
> > >
> > >
> > > "Damian N Leibaschoff [MSFT]" <damianl@online.microsoft.com> wrote in
> > > message news:eTeC7C6CEHA.2404@TK2MSFTNGP11.phx.gbl...
> > > > Try logging on as a domain administrator, they are usually local
> admins.
> > > >
> > > > Regards,
> > > > Damian
> > > >
> > > > -- 
> > > > Damian N. Leibaschoff, MS IST, MCSE
> > > > Microsoft Corporation
> > > >
> > > > Get Secure! - www.microsoft.com/security
> > > >
> > > > =====================================================
> > > >
> > > > When responding to posts, please "Reply to Group" via
> > > >
> > > > your newsreader so that others may learn and benefit
> > > >
> > > > from your issue.
> > > >
> > > > =====================================================
> > > >
> > > > This posting is provided "AS IS" with no warranties, and confers no
> > > rights.
> > > > "Bryce" <fukuzzz@takethisout.hotmail.com> wrote in message
> > > > news:%23sS4KQ3CEHA.1588@tk2msftngp13.phx.gbl...
> > > > > Since I've added this computer to the domain, the username and
> > password
> > > > that
> > > > > was before, is not accepted when I try to log in locally.
> > > > >
> > > > > Is there anyway I can find out what it was changed to?
> > > > >
> > > > >
> > > > > "Damian N Leibaschoff [MSFT]" <damianl@online.microsoft.com> wrote
> in
> > > > > message news:%23fcI9prCEHA.1452@TK2MSFTNGP09.phx.gbl...
> > > > > > When you are the logon prompt, click on options in order to
> display
> > > the
> > > > > > Domain ("Log on to:"), use the dropdown and select the entry
that
> > says
> > > > > > "(this computer)".
> > > > > >
> > > > > > Regards,
> > > > > > Damian
> > > > > >
> > > > > > -- 
> > > > > > Damian N. Leibaschoff, MS IST, MCSE
> > > > > > Microsoft Corporation
> > > > > >
> > > > > > Get Secure! - www.microsoft.com/security
> > > > > >
> > > > > > =====================================================
> > > > > >
> > > > > > When responding to posts, please "Reply to Group" via
> > > > > >
> > > > > > your newsreader so that others may learn and benefit
> > > > > >
> > > > > > from your issue.
> > > > > >
> > > > > > =====================================================
> > > > > >
> > > > > > This posting is provided "AS IS" with no warranties, and confers
> no
> > > > > rights.
> > > > > > "Bryce" <fukuzzz@takethisout.hotmail.com> wrote in message
> > > > > > news:O%23dEOUrCEHA.2308@tk2msftngp13.phx.gbl...
> > > > > > > How do I log onto the local machine without getting on the
> sbs2003
> > > > > domain?
> > > > > > >
> > > > > > >
> > > > > > > "Damian N Leibaschoff [MSFT]" <damianl@online.microsoft.com>
> wrote
> > > in
> > > > > > > message news:%23h0XRrqCEHA.712@tk2msftngp13.phx.gbl...
> > > > > > > > Usually the local administrator is the EFS recovery Agent on
> > local
> > > > > > > machines
> > > > > > > > (not domain).
> > > > > > > >
> > > > > > > > 255742 Methods for Recovering Encrypted Data Files
> > > > > > > > http://support.microsoft.com/?id=255742
> > > > > > > >
> > > > > > > >
> > > > > > > > Regards,
> > > > > > > > Damian
> > > > > > > >
> > > > > > > > -- 
> > > > > > > > Damian N. Leibaschoff, MS IST, MCSE
> > > > > > > > Microsoft Corporation
> > > > > > > >
> > > > > > > > Get Secure! - www.microsoft.com/security
> > > > > > > >
> > > > > > > > =====================================================
> > > > > > > >
> > > > > > > > When responding to posts, please "Reply to Group" via
> > > > > > > >
> > > > > > > > your newsreader so that others may learn and benefit
> > > > > > > >
> > > > > > > > from your issue.
> > > > > > > >
> > > > > > > > =====================================================
> > > > > > > >
> > > > > > > > This posting is provided "AS IS" with no warranties, and
> confers
> > > no
> > > > > > > rights.
> > > > > > > > "Tony Su" <anonymous@discussions.microsoft.com> wrote in
> message
> > > > > > > > news:c76101c408ae$04cb2390$a101280a@phx.gbl...
> > > > > > > > > My understanding is that logging on as the Local
> > > > > > > > > Administrator may not be sufficient.
> > > > > > > > >
> > > > > > > > > You have to logon as the original User who encrypted the
> > > > > > > > > files and still have the x509 certificate used to encrypt
> > > > > > > > > the certificate available. As you say it can make a
> > > > > > > > > difference whether the original User was a member of a
> > > > > > > > > Domain or a Workgroup which may provide a hint where the
> > > > > > > > > original certificate's CA might be and where the
> > > > > > > > > certificate might be stored.
> > > > > > > > >
> > > > > > > > > Did I misunderstand that not even an Administrator can
> > > > > > > > > open it, that the purpose of encryption is to hide the
> > > > > > > > > file even from SysAdmins and other high permission
> > > > > > > > > accounts?
> > > > > > > > >
> > > > > > > > > TIA,
> > > > > > > > >
> > > > > > > > > Tony Su
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > >-----Original Message-----
> > > > > > > > > >Hi,
> > > > > > > > > >Were those XP machines members of another domain?
> > > > > > > > > Workgroup?
> > > > > > > > > >Try logging on locally to the machine (not the domain)
> > > > > > > > > with the original
> > > > > > > > > >user account and see if it helps.
> > > > > > > > > >
> > > > > > > > > >Just in case, you may want to also check the permissions
> > > > > > > > > on those files, log
> > > > > > > > > >on as a local machine administrator, take ownership of
> > > > > > > > > the file and change
> > > > > > > > > >the NTFS permissions to allow for the proper access.
> > > > > > > > > >
> > > > > > > > > >Regards,
> > > > > > > > > >Damian
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >-- 
> > > > > > > > > >Damian N. Leibaschoff, MS IST, MCSE
> > > > > > > > > >Microsoft Corporation
> > > > > > > > > >
> > > > > > > > > >Get Secure! - www.microsoft.com/security
> > > > > > > > > >
> > > > > > > > > >=====================================================
> > > > > > > > > >
> > > > > > > > > >When responding to posts, please "Reply to Group" via
> > > > > > > > > >
> > > > > > > > > >your newsreader so that others may learn and benefit
> > > > > > > > > >
> > > > > > > > > >from your issue.
> > > > > > > > > >
> > > > > > > > > >=====================================================
> > > > > > > > > >
> > > > > > > > > >This posting is provided "AS IS" with no warranties, and
> > > > > > > > > confers no rights.
> > > > > > > > > >"Bryce" <fukuzzz@takethisout.hotmail.com> wrote in
message
> > > > > > > > > >news:%235m5roFCEHA.1812@TK2MSFTNGP12.phx.gbl...
> > > > > > > > > >> Hi. We had some files that were "green" in XP.
> > > > > > > > > >>
> > > > > > > > > >> We just changed over to sbs2003 and deployed all the
> > > > > > > > > clients.
> > > > > > > > > >>
> > > > > > > > > >> Now we have files we can't open that were encrypted on
> > > > > > > > > XP boxes.
> > > > > > > > > >>
> > > > > > > > > >> When we try to open them, we get the message, "access
> > > > > > > > > denied" for .txt
> > > > > > > > > >items
> > > > > > > > > >> and "Word cannot open the document: user does not have
> > > > > > > > > access privileges"
> > > > > > > > > >> for word documents.
> > > > > > > > > >>
> > > > > > > > > >> Any idea how to access these?
> > > > > > > > > >>
> > > > > > > > > >> Bryce.
> > > > > > > > > >>
> > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >.
> > > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>