EFS-moved from domain to AD

Miguel · External Since: Sep 12, 2006 Posts: 4

I moved my PC from Domain to AD (new domain), exporting profile, but didn't
export EFS keys. My PC (XP Pro) sees the encrypted folders and contents, but
can't access the files. The SID owner is still visible, although with
numbers, and under C:\Documents and Settings it seems the info of my old
profile is still there. Is there any porribility of recovering my encrypted
info? I've tried AEFSD and EFS Keys with no success. Thx.

Roger Abell MVP · External Since: Apr 12, 2004 Posts: 671

You were evidently using an account of the old domain (rather
than a machine local account).
The most direct and simple thing would be to rejoin the old
domain and then log in with the old domain account.
Then, copy the files to the clear and/or export the EFS cert/key,
and then rejoin the new AD domain.

Roger

"Miguel" <Miguel.RemoveThis@discussions.microsoft.com> wrote in message
news:454B3B3E-0FBE-48C8-8F41-BCB192E1C462@microsoft.com...
>I moved my PC from Domain to AD (new domain), exporting profile, but didn't
> export EFS keys. My PC (XP Pro) sees the encrypted folders and contents,
> but
> can't access the files. The SID owner is still visible, although with
> numbers, and under C:\Documents and Settings it seems the info of my old
> profile is still there. Is there any porribility of recovering my
> encrypted
> info? I've tried AEFSD and EFS Keys with no success. Thx.

Miguel · External Since: Sep 12, 2006 Posts: 4

Thanks, Roger.
However, the old domain does not exist anymore!!! Is there any possibiity of
recovering the files?

"Roger Abell [MVP]" wrote:

> You were evidently using an account of the old domain (rather
> than a machine local account).
> The most direct and simple thing would be to rejoin the old
> domain and then log in with the old domain account.
> Then, copy the files to the clear and/or export the EFS cert/key,
> and then rejoin the new AD domain.
>
> Roger
>
> "Miguel" <Miguel DeleteThis @discussions.microsoft.com> wrote in message
> news:454B3B3E-0FBE-48C8-8F41-BCB192E1C462@microsoft.com...
> >I moved my PC from Domain to AD (new domain), exporting profile, but didn't
> > export EFS keys. My PC (XP Pro) sees the encrypted folders and contents,
> > but
> > can't access the files. The SID owner is still visible, although with
> > numbers, and under C:\Documents and Settings it seems the info of my old
> > profile is still there. Is there any porribility of recovering my
> > encrypted
> > info? I've tried AEFSD and EFS Keys with no success. Thx.
>
>
>

Roger Abell MVP · External Since: Apr 12, 2004 Posts: 671

If you have a complete, uncorrupted profile from the account, and
you know the password of that account at that time, then there are
third-party tools out there at a price, and Microsoft support can
fish out the needed cert/key for a price, and the method outlined
at www.beginningtoseethelight.org/efsrecovery does work if you
can do it.

"Miguel" <Miguel RemoveThis @discussions.microsoft.com> wrote in message
news:D552220F-CB77-4BE7-8C69-69B81D145EF0@microsoft.com...
> Thanks, Roger.
> However, the old domain does not exist anymore!!! Is there any possibiity
> of
> recovering the files?
>
> "Roger Abell [MVP]" wrote:
>
>> You were evidently using an account of the old domain (rather
>> than a machine local account).
>> The most direct and simple thing would be to rejoin the old
>> domain and then log in with the old domain account.
>> Then, copy the files to the clear and/or export the EFS cert/key,
>> and then rejoin the new AD domain.
>>
>> Roger
>>
>> "Miguel" <Miguel RemoveThis @discussions.microsoft.com> wrote in message
>> news:454B3B3E-0FBE-48C8-8F41-BCB192E1C462@microsoft.com...
>> >I moved my PC from Domain to AD (new domain), exporting profile, but
>> >didn't
>> > export EFS keys. My PC (XP Pro) sees the encrypted folders and
>> > contents,
>> > but
>> > can't access the files. The SID owner is still visible, although with
>> > numbers, and under C:\Documents and Settings it seems the info of my
>> > old
>> > profile is still there. Is there any porribility of recovering my
>> > encrypted
>> > info? I've tried AEFSD and EFS Keys with no success. Thx.
>>
>>
>>

Miguel · External Since: Sep 12, 2006 Posts: 4

Thanks again, Roger. I had that link already, I guess I'll try MS.
Miguel

"Roger Abell [MVP]" wrote:

> If you have a complete, uncorrupted profile from the account, and
> you know the password of that account at that time, then there are
> third-party tools out there at a price, and Microsoft support can
> fish out the needed cert/key for a price, and the method outlined
> at www.beginningtoseethelight.org/efsrecovery does work if you
> can do it.
>
>
> "Miguel" <Miguel.RemoveThis@discussions.microsoft.com> wrote in message
> news:D552220F-CB77-4BE7-8C69-69B81D145EF0@microsoft.com...
> > Thanks, Roger.
> > However, the old domain does not exist anymore!!! Is there any possibiity
> > of
> > recovering the files?
> >
> > "Roger Abell [MVP]" wrote:
> >
> >> You were evidently using an account of the old domain (rather
> >> than a machine local account).
> >> The most direct and simple thing would be to rejoin the old
> >> domain and then log in with the old domain account.
> >> Then, copy the files to the clear and/or export the EFS cert/key,
> >> and then rejoin the new AD domain.
> >>
> >> Roger
> >>
> >> "Miguel" <Miguel.RemoveThis@discussions.microsoft.com> wrote in message
> >> news:454B3B3E-0FBE-48C8-8F41-BCB192E1C462@microsoft.com...
> >> >I moved my PC from Domain to AD (new domain), exporting profile, but
> >> >didn't
> >> > export EFS keys. My PC (XP Pro) sees the encrypted folders and
> >> > contents,
> >> > but
> >> > can't access the files. The SID owner is still visible, although with
> >> > numbers, and under C:\Documents and Settings it seems the info of my
> >> > old
> >> > profile is still there. Is there any porribility of recovering my
> >> > encrypted
> >> > info? I've tried AEFSD and EFS Keys with no success. Thx.
> >>
> >>
> >>
>
>
>