Og wrote:
> "Bill Fuller" <someone@nospam.com> wrote in message
> news:erHgj3p2HHA.5832@TK2MSFTNGP02.phx.gbl...
>> I have a rather unique problem... I have a Toshiba laptop that had a video
>> card failure... and this card is no longer manufactured or available.
>> Meaning, the laptop is useless. Unfortunately, I had some files/folders on
>> that system that had been encrypted using Windows encryption. Now it seems
>> that, even though the drive itself is undamaged, I have no way of
>> decrypting/moving them to another system.
>>
>> Does anyone have any knowledge on rather or not these files can be
>> recovered? If so, how (copy the encryption key, etc.?)?
>
> 1. Slave the drive to another computer.
> 2. Start | Help and Support
> 3. In the "Search" bar type the word
> encryption
> 4. Click on the link that fits your situation and follow the step-by-step
> instructions:
>
> Recover an encrypted file or folder if you are a designated
> recovery agent
> Recover an encrypted file or folder without the file encryption
> certificate
>
> Steve
>
>
I'm not an expert enough wrt Windows Encrypting File System. However,
the solution Og proposes -- which is probably the OP's best hope --
probably will only work if the OP was astute enough to export his
private key to some portable media that he now has available.
As I understand it, there are two -- and only two -- ways to recover
files secured by EFS: using the user's key or using a Designated
Recovery Agent. Although Designated Recovery Agents primarily are used
in Domains, you can have a DRA on a stand-alone computer as well. See
http://technet2.microsoft.com/windo...f709-49e7-97f8-5ad1c3c74f8c1033.mspx?mfr=true
(or type "recovery agent" in Help & Support). The catch is (and this is
the part I'm not certain of), you have to create the DRA for the given
user using the user's Certificate. So, even if the OP created a DRA on
his laptop, he can't use it (no video), and he can't create a DRA for
the old files on a new computer without the Certificate that was used to
encrypt the old files.
I could be wrong, and Og's solution may work. If so, great. If not,
the OP should Google for methods to copy his old profile -- including
the SID, the ACLs, and and passwords -- from his old disk. It is
important that the new profile have the identical password to the old one.
There is also the brute force approach: On a working computer, go
through the process of booting up, accessing, and decrypting the folders
in which the data is stored (you did encrypt folders rather than files,
right?). Keep meticulous track of all key presses, and use arrow keys
and the tab key instead of the mouse. Then follow this procedure exactly
on the laptop. Then pull the disk out of the laptop, slave it to
another computer and copy the files, which hopefully will now be
unencrypted.
Good luck. You'll need it. Microsoft should never have made EFS as
easy to (mis)use as it is.
--
Lem -- MS-MVP - Networking
To the moon and back with 64 Kbits of RAM and 512 Kbits of ROM.
http://en.wikipedia.org/wiki/Apollo_Guidance_Computer