Windows EFS encryption on an Excel file…

pts.
Tags:
DataCenter
Desktop management applications
Development
Management
Microsoft Office
Microsoft Windows
Networking
OS
Security
Servers
SQL Server
Here is the situation. I have a client who took an encrypted file from their workstation and put it on a file server. They then copied the file to a new laptop. The old workstation has been formatted. The problem is, the Excel file that was encryped locks up the computer anytime the user tries to open the file. Even if I right click and goto properties, the computer locks up. To my knowledge, only the user that encrypted the files can unencrypt them or open them. Is this the case? Is there a way aound this?

Answer Wiki

Thanks. We'll let you know when a new response is added.

If the PC was a part of a domain, chances are that this domain had recovery agent(s) defined, usually the domain administrator account.

Discuss This Question: 5  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Skepticals
    It was not part of a domain. Is there another way of recovering the files?
    0 pointsBadges:
    report
  • Secprotn
    If you are using EFS with certificates issued to the user from an internal CA, you should have defined key archival for the issued certifcates. If you did, the user's EFS key can be recovered from the CA and then imported to another computer. That computer would then have the saem access as the user that encrypted the file. When you look at the properties of the file under Details->Advanced, it will tell you the keys that can decrypt the file. Any of the keys listed could be used to decrypt
    0 pointsBadges:
    report
  • Skepticals
    secprotn, I can't even right click and goto properties on these files; the computer locks up for awhile. Do you think the files may be corrupt?
    0 pointsBadges:
    report
  • Mortree
    First question: Have considered that the file is simply corrupt? The second question is -- was the encryption done with XP EFS? If this encrytion was done with domain certificates you can try logging with the user domain account for automatic decryption. Might have to reset a pasword. Also an EFS file should have automatically decrypted when moving over the network to the file server and to the new client computer. So there may be the case that the file on the server might not even have been encrypted at that point. In any case look at older backup tapes for an uncorrupted copy. Or even the server recovery bin if it hasn't bee too long. In any case when moving it to its final destination, the user would have had to reencrypt the file manually or by copying it to a folder with encryption set. Chances are the encryption key is off the domain account or worst case on the current local machine. You can try the Recovery Agent process either of the Domain or the local machine. Note: If the file server is set for encryption by remote clients (Computer Trusted for Delegation unless it is WebDAV server), the file might might have been reencrypted. But I am pretty sure that uses Domain User account certificate info rather than local computer keys as could well have been the case before. Do you still have the user account? Well there is still the Domain Designated recovery agent procedure if you have a tape copy.
    0 pointsBadges:
    report
  • Mortree
    Oooh! on reading again -- yes corrupt. In fact you might want to do a checkdisk because it sounds like directory level problems. I originally thought you were talking lock up only with Excel...though I thought Excel would detect encryption and prompt you about it (provide acocunt with permissions). But on a bright note it sounds like your user had to rely on local encryption. Therefore the copy stored on file server is almost certainly unecrypted -- all assuming he was relying on EFS instead of some non-Microsoft solution like PGP. So go locate a backup tape or the Recycle Bin for that folder.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following