Solved

Windows XP Pro SP2 CIPHER error

Posted on 2007-03-26
12
249 Views
Last Modified: 2013-12-04
Windows XP Pro SP2 CIPHER error. I cannot decrypt my documents on my external hard drive after using the command "%windir%\system32\cipher.exe" /e /s:%path% /a /i /f, where path is my documents folder. I encrypted the folder and later had to do a reformat of my internal hard drive and now I cannot access any of my files. How can I fix this?
0
Comment
Question by:rae_rae
  • 9
  • 3
12 Comments
 
LVL 3

Author Comment

by:rae_rae
ID: 18794837
BTW, I have already tried properties > security tab > advanced > owner tab > change owner to > replace owner on subcontainer and objects.
0
 
LVL 3

Author Comment

by:rae_rae
ID: 18794863
Of course, I have also already tried: cipher /d /s:"I:\My Documents" /a
0
 
LVL 3

Author Comment

by:rae_rae
ID: 18794894
I just tried cacls "I:\My Documents" /T /G %user%:F where user is the name of the account I used to encrypt the files and also is the name of my current account. This also did not work.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 3

Author Comment

by:rae_rae
ID: 18795040
I have also tried reading the data onto temporary storage using Knoppix to no avail.
Help please...somebody!
0
 
LVL 3

Author Comment

by:rae_rae
ID: 18804302
So...nobody can do this? :-s...wow...ok
0
 
LVL 3

Author Comment

by:rae_rae
ID: 18810661
How lame ...lol
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 18823805
Is that an encrypted folder on the external harddisk? Using EFS?
And encrypted on another PC then the one you are now using maybe?
If all yes, then this is only supported when both machines are member of the same Actice Directory. This means having a server as domain controller.
If this is not within AD, then the only way is to attach the external HD back to the PC where it was originally encrypted an decrypt the folder.

J.
0
 
LVL 3

Author Comment

by:rae_rae
ID: 18824598
Is that an encrypted folder on the external harddisk? Using EFS?
I'm not sure. used the command: "%windir%\system32\cipher.exe" /e /s:%path% /a /i /f, where path is the folder on the external hard drive.

And encrypted on another PC then the one you are now using maybe?
No, I encrypted the folder using the same PC as the one that I am attempting to recover it from. I did a reformat after having encrypted the folder though.

Thanks for the response. I'm glad to see somebody has at least tried...
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 500 total points
ID: 18828347
Rae, then I'm sorry to be the one with the bad news.
When you reinstall XP Pro in a workgroup environment (or standalone), new keys are generated.
There are two ways to recover: using the backup of your key (Import it using certmgr.msc) or the recovery agent.
Both have to be arranged before any disaster or before reinstalling XP.
If you do not have done that, then I have very very bad news for you: you are fried!
Think about it, what good would EFS be if you can open encrypted files/folders without the key.
Contrary to some common believe, EFS is safe.
On XP you need the key AND the original password. If one of those are missing you will not be able to decrypt the files in a timely manner. It's as simple as that. Otherwise EFS would be worthless and been proven to also.
None of the so called 'recovery tools' will be able to help you, whatever their marketing department is shouting (or failing to explain).
There is a tool called AEFSDR.
AEFSDR needs the keys to do it's magic. If those are missing, then you will not be succesfull in recovering.
Also, on XP and 2k3 server, AEFSDR needs the password of the user encrypting the files.
Basically it needs al info like windows would with a running system. Microsoft did improve EFS when releasing XP.
And just creating a new key and certificate will certainly not help. That's like losing your key to your home, going to a locksmith and buying just any random new key and hoping it will open your lock.
Cipher can be used with a recovery agent. You would need access to the recovery agent key. If you are not in an AD environment (e.g. stand alone PC) then by default you do not have a recovery agent.
In plain english: no-one can help you. Sorry.

J.
0
 
LVL 3

Author Comment

by:rae_rae
ID: 18829249
Thanks for letting me come to some filnality on this. It's sad though that a user who forgot thier key can't get into the system even with thier user name and password; I setup the new system with all the old credentials...
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 18829279
The key can be backed up: start certmgr.msc, doubleclick personal / certificates. Right click the certificate of the user which says EFS as intended purpose. Choose all tasks/export. Export WITH the private key to an external media.
Store the external media at a safe external location (like a banksafe). Rember the password used to when exporting the certificate.
This will help you next time.

J.
0
 
LVL 3

Author Comment

by:rae_rae
ID: 18829298
Thanks again.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question