Encrypted files under a domain that no longer exists!!
Posted on 2004-03-24
I really need your help on this one! Here's the deal:
My company just changed domains (deleting subdomains for OU's). This is a Windows 2000 network.
It just so happens that a user has enabled encryption on a folder that contains VERY important billing information for our clients. Needless to say this annual billing should have happened yesterday (literally).
Encrypting folders is based on GUID's and only the owner of the folder or the EFS Recovery Agent (built in domain account) can decrypt these folders. These two are members of a domain that no longer exists and there is no existing copy of the Recovery Agent's private key.
I found one decrypting tool that didn't work.
The only solution I am seeing is that I find an old backup of the AD, restore it onto a machine (that is NOT network connected) get the files to this machine and decrypt.
Is this doable for you guys? Do you know another solution?
With thanks in advance,