1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

70-270 efs

Discussion in 'Windows Vista / 7 / 8 Client Exams' started by salv236, Jul 25, 2010.

  1. salv236

    salv236 Nibble Poster

    57
    0
    23
    I would like to know in the event that user loses his private key how can an admin or other recovery agent decrypt a file.

    I tried to lab this in my virtual session, i performed the following:

    1) as the impacted user i in cmd i did cipher /r:x:/filename
    2)it successfully generated a pfx and cer file.
    3) logged off and logged on with the administrator account.
    4) within group policy i added the administator as a recovery agent
    5) when i tried to decrypt via the cipher command or with windows explorer it wouldnt succeed.

    Is there something i ma missing or doing wrong.

    Thanks
     
    Certifications: none
    WIP: MCSE XP/2K3
  2. AndreK

    AndreK Bit Poster

    49
    7
    8
    I think recovery agents can only decrypt files that have been encrypted after the recovery agent has been assigned not before i.e. the above example the administrator account fails to decrypt the file because it was made the recovery agent after the file was encrypted.
     
  3. salv236

    salv236 Nibble Poster

    57
    0
    23
    i tried after tge assignment of the recovery agent to get the user to create another encrypted folder/file.
    Logging on as the administratir i still receive an accesss denied message, i dont understand.
     
    Certifications: none
    WIP: MCSE XP/2K3
  4. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    Been a while but do you not need to install the certificate you have just exported?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  5. simonp83

    simonp83 Kilobyte Poster

    254
    4
    32
    Going through the Windows 7 section of EFS now, not sure if XP will be much different, but after creating the recovery agent, you need to import it with the local computer policy.
     
    Certifications: A+, MCP, MCDST, MCTS, MCITP
    WIP: 70-291

Share This Page

Loading...