EFS encrypted files won't open anymore
Hi,
A customer has encrypted files on a network share via efs. Nobody, including the person that encrypted the files is able to open them anymore.
The files need to be decrypted and moved to another location but nothing seems to work.
I have found the certificate but still no luck. Any help would be appreciated.
A customer has encrypted files on a network share via efs. Nobody, including the person that encrypted the files is able to open them anymore.
The files need to be decrypted and moved to another location but nothing seems to work.
I have found the certificate but still no luck. Any help would be appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Comment on the rest of the suggestions, too, please.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
EFS is not known for being unstable - something must have ahppened that you are not aware of. Sorry, I could only once more advise you to use backups. If those are incomplete, you are out of luck and you could only try to break the encryption which will be time-consuming and most probably not successful.
Domain environment with a CA? Is DRA agent configured?
ASKER
Hi Shaun,
Yes all of those things. The DRA agent is the domain administrator account (who is me obviously). But when i try to decrypt it still says i have no rights to do so.
Yes all of those things. The DRA agent is the domain administrator account (who is me obviously). But when i try to decrypt it still says i have no rights to do so.
Are you sure that these files weren't changed/encrypted by something like Ransomware?
ASKER
NO, the user remembers encrypting those files last year. But now we want to move the files to another network location, they seem unaccesable, even for the person that encryped them.
I was able to recover a lot of the decrypted files from various back-ups and we are only down to 3 files now. I am able to delete them, rename them, but not to open or move them!
I was able to recover a lot of the decrypted files from various back-ups and we are only down to 3 files now. I am able to delete them, rename them, but not to open or move them!
ASKER
I tried restoring the files from backup but the pdf files come empty (0kb)