[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

BartPE and EFS

Posted on 2008-06-19
4
Medium Priority
?
969 Views
Last Modified: 2012-05-05
I am looking for a way to build a BartPE image that will allow me to import a users EFS certificates so that I can decrypt and recover their files. Thanks!
0
Comment
Question by:jbyrd1981
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 25

Expert Comment

by:slam69
ID: 22023302
Hi,

This isnt possible for the very reason that you wouldnt want to buold an image that included an individuals EFS certificate otherwise each time you install the image the certfifcate would be included great if you only have one user but if your deploying to lots of users then teh certficate could get wrongly used.

id recommend always making sure the efs is done as a standalone task
0
 
LVL 1

Author Comment

by:jbyrd1981
ID: 22026738
Another option I have been researching is using windows backup utility to copy the users profile. From what I understand it will copy the files even if encrypted with EFS. This way I can put in the BartPE disk into the computer with the bad drive, copy the users profile to an external location, then move that data to a new machine and import their certs. I have tried using a nt5backup plugin for Bart but have not been able to get it to work correctly. Any ideas??
0
 
LVL 25

Assisted Solution

by:slam69
slam69 earned 400 total points
ID: 22033511
Hmm interesting idea and have to be honest its not something I have tried I just know you cant put an EFS certificate onto PE.

Does sound feasible what you are looking into does the back up complete at the least if so i would recommend setting up a network storage area for admins only of your EFS cert backups and backing up the data, then in the event of driver failure you restore the backup of teh encrypted files and pull the necessary certificate out your storage area?

Tyhats a method i have seen employed before
0
 
LVL 1

Accepted Solution

by:
jbyrd1981 earned 0 total points
ID: 22080474
I got it to work! All EFS files were copied and I put the users profile on another machine and it came back up great. Once their certs were available they had access to all the files EFS'd on the bad drive. I could never get the plugin for nt5backup to work for BartPE so I just used the one on the drive that I was recovering data from, it is in the c:\Windows\System32 folder. There are some errors initially but I found that if you disable volume shadow copy it works flawlessly and copies the users profile including EFS files to an extermal drive I had hooked up. Thanks for all the help though!
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question