ejsky
asked on
XP Pro lost its smart card and is no longer with the domain but the user profile is locked out.
I have a XP pro Laptop which is an IBM Lenovo T61. This laptop was part of a domain which I've been no longer part of for a little over a year. I had to still use a smart card to get into the computer but after I had updated AVG 2011 Free edition I had lost my internet, so I removed the AVG by uninstalling it and a AXA program that I didn't relized that was partly used by the smart card then I restarted the system. When it booted backup I didn't have to worry about the smart card any more but when I loged on It was a different profile (like a new profile was created but missing my data and Outlook 2003 was also missing my configuration. And its PSTs. When I explorer I notice the profile with my user data is still in my orignal profile but its marked by a lime green color and when I try to open a File it states I don't have permission to the file. So I reset my file permissions and ownership of the folders and fiiles and still unable to open or move any of the data in lime green color. Anyone knows how to get around this or to really take over the files to make use of them again. Help would be appreciated.
ASKER
I see that it is the case of the files are encrypted but they wont allow me to unencrypt them. Is it possible that a GPO is inplace and if so how can I remove this without destory the OS / data files? Or How can I unencrypt them in this case.\? Here is a screen shot showing the files and the failed message
FilesEncrytionMessage.doc
FilesEncrytionMessage.doc
Are you certain that your current login username has full control of the files? Right click on a file in question, click Security > Advanced > Use the Owner and/or Effective Permissions tab to see if the owner is who it is supposed to be and what the effective permissions are for that owner.
ASKER
Here is a updated file with screen shots of the files with its ownership. I'm loged in on the administrator account. But I'll double check on this while you look over this. Thank you for your help.
FilesEncrytionMessage.doc
FilesEncrytionMessage.doc
ASKER
I just tried logging on one of the other profiles with no luck and now the computer is restarting with a quick BSD error 0x0c000022 which I might have a virus that I'm unaware of or its a GPO that thinks there is a hack attack happening.
Are you logging into the machine with a domain username and password or a local account? The username shown in the encryption detail wouldn't happen to be one you have access to login with, even if it's a domain account? IOW, when you login, is there a domain name to choose or is it just the machine name?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Its the local machine builtin admin account. and the othe user account that looks like a domain member isn't working. Its no longer been with a domain for a little over a year. I'm only concern in getting the data to decrypt or to be useful. I'm currently creating a full backup just in case I start to losing the partition over this.
It's almost 10/19/2010 where I'm at and it's been a long day. Here's hoping you find a solution, but I'll check back in the morning.
All the best..
All the best..
ASKER
I come to find out that the system has other issues such as other group polocies in the way but I need to still get to the encrypted data. I did find that I need to look at the Temp folders for possible pieces of data which might point to a hidden Data Recovery agent. Any suggestions would be very well appriecaited. So far the best help has been from lobo797 and thank you. I'm going to keep at it until I find a solution to fully complete this issue but if no one else has anything better than I'll be giving the solution credit to lobo797.
ASKER
http://windows.microsoft.com/en-US/windows-vista/Create-a-recovery-certificate-for-encrypted-files
The link above gave me some more help from Microsoft. If this fails then I'll need to call the company who had set it up and see if they have a backup Data Recovery agent for my old account with them. Thanks
The link above gave me some more help from Microsoft. If this fails then I'll need to call the company who had set it up and see if they have a backup Data Recovery agent for my old account with them. Thanks
It won't do anything to change the encrypted file issue, but is laptop still joined to the domain for any reason? You can check in right clicking My Computer > Properties > Computer name and see if it's on a domain or in a workgroup. If it is on a domain and you disjoin back to a workgroup, that should take care of GP's that were applied from a domain.
I would sure try the above recover solution, but it seems to go against the idea of encrypting files. There's usually a good reason to encrypt and would be only right to not be able to unencrypt easily. I'm thinking that if the recover certificate is not on the laptop, you'll need to contact the company who set it up.
All the best..
I would sure try the above recover solution, but it seems to go against the idea of encrypting files. There's usually a good reason to encrypt and would be only right to not be able to unencrypt easily. I'm thinking that if the recover certificate is not on the laptop, you'll need to contact the company who set it up.
All the best..
ASKER
I had all ready tried the disjoining the domin into workgroup but when the system rebooted it had locked me out all together of the whole system by stating it had cancealed a autocheck. I just found out that the company had already wiped my account from their system about 8 months ago.
ASKER
This part of the solution the other part is it will need a code breaker who knows bianary coding and encryptology. Mathimatics would be the other part of this solution which is almost impossible to break.
http://www.bidn.com/blogs/DustinRyan/ssis/222/green-file-names-what-in-the-world