Re: EFS Certs in AD or local PC?



While there are ways to archive EFS certificate/private keys, I believe that
requires W2003 Enterprise, and in your case his certificate/private key was
on the local computer. See if he possibly exported it for backup at some
point in time to see if he can import it back into his computer via a .pfx
file. If the domain security policy has a Recovery Agent configured then the
RA [usually the built-in domain administrator account] could logon to a computer
that contains the RA EFS certificate/private key [usually the domain
controller] and decrypt the files. Note that ANY EFS certificate used to
attempt to decrypt files MUST also have the matching private key - a .cer
file does NOT. Though he/you may not be able to access the files right now
you can view the advanced properties/details of them to see if a RA is
included as a user that can decrypt.

Steve


"Quilnux" <Quilnux@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:95785FD5-839E-4A23-B4C9-974A3E6884B2@xxxxxxxxxxxxxxxx
Hello,

We have a user who was using a desktop with an EFS folder. Recently the OS
drive failed and we had to reload the system from a new HDD. The EFS folder
is on a secondary drive which is ok but I need to know if he will be able to
access the folder when he logs in next Wednesday from his account in AD or if
I need to get his EFS cert from archives. It takes archives a week to get us
the disks we need so if it is saved in his AD account I may not need to
contact them.

Thanks,
Quilnux
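
The checks Steve describes (does the account hold an EFS certificate WITH its private key, can a backed-up .pfx be imported, and which user or Recovery Agent certificates are listed on the encrypted files) can be run from one script. This is an added example, not code from either poster; it assumes Windows Vista or later for cipher.exe /c (on XP/2003 the Resource Kit's efsinfo.exe /u /r gives the same listing) and the PKI module (Windows 8 / Server 2012 or later) for Import-PfxCertificate. The folder and backup paths are placeholders.

```powershell
# Check-EfsAccess.ps1 - added example, not part of the original thread.
# Usage: .\Check-EfsAccess.ps1 -EncryptedFolder D:\Secure -PfxBackup C:\backup\efs.pfx
param(
    [Parameter(Mandatory)] [string] $EncryptedFolder,   # EFS folder on the surviving secondary drive (placeholder path)
    [string] $PfxBackup                                   # optional exported cert + private key (placeholder path)
)

# Enhanced Key Usage OID that marks a certificate as usable for Encrypting File System.
$EfsEkuOid = '1.3.6.1.4.1.311.10.3.4'

function Get-EfsCertificate {
    # EFS-capable certificates in the current user's personal store.
    # HasPrivateKey is the decisive column: a certificate imported from a .cer file
    # shows False and cannot decrypt anything, however well its thumbprint matches.
    Get-ChildItem -Path Cert:\CurrentUser\My | Where-Object {
        $_.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] -and
            ($_.EnhancedKeyUsages | Where-Object { $_.Value -eq $EfsEkuOid })
        }
    } | Select-Object Subject, Thumbprint, HasPrivateKey, NotAfter
}

function Get-EfsDecryptors {
    param([string] $Path)
    # cipher /c lists, per encrypted file, the user certificates and the
    # recovery certificates (Recovery Agents) whose public keys wrap the file key.
    # Assumes Windows Vista or later; use efsinfo.exe /u /r on XP/2003.
    cipher.exe /c $Path
}

# Step 1: if the user ever exported a backup, restore certificate and private key together.
if ($PfxBackup -and (Test-Path $PfxBackup)) {
    $pw = Read-Host -Prompt 'PFX password' -AsSecureString
    Import-PfxCertificate -FilePath $PfxBackup -CertStoreLocation Cert:\CurrentUser\My -Password $pw | Out-Null
    # On hosts without the PKI module: certutil.exe -user -p <password> -importpfx <file.pfx>
}

# Step 2: what EFS certificates does this account hold, and which have private keys?
Write-Host "EFS certificates in CurrentUser\My:"
Get-EfsCertificate | Format-Table -AutoSize

# Step 3: which certificate thumbprints (user or Recovery Agent) are on the files?
Write-Host "`nCertificates that can decrypt files under $EncryptedFolder :"
Get-EfsDecryptors -Path $EncryptedFolder

# Step 4: decrypt only once a thumbprint from step 3 matches a step 2 entry with HasPrivateKey = True.
# Run as that user (or as the Recovery Agent on the machine holding the RA private key):
#   cipher.exe /d /s:$EncryptedFolder
```

If step 3 lists a Recovery Agent thumbprint but step 2 shows no matching private key for the user, the path forward is the one Steve outlines: log on as the RA on the machine that holds the RA certificate and private key, or restore the user's .pfx, before attempting any decryption.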

