I am not positive but if the domain admin had logged into a workstation at some point the cert may be in that profile. I would have to go to the RK to find the specific location. The recovery of encrypted docs is thoroughly documented. I just did a TechNet search and found reams of info I am sure there is something in there for you to look at.
-----Original Message----- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Monday, February 03, 2003 11:46 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Decrypt Files from a no longer existing domain I should mention that these files were encrypted by accident by the user by checking the box encrypt contents while looking at the properties of the folder. Where could I get the DRA from if the domain doesn't exist, restore the domain on a workstations? -----Original Message----- From: Sullivan, Kevin [mailto:[EMAIL PROTECTED]] Sent: Monday, February 03, 2003 11:37 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Decrypt Files from a no longer existing domain If you can't find the cert that encrypted them or the cert for the Data Recovery Agent (DRA) (usually the domain admin) you are out of luck. They key to open the data is stored in the headers of the file and it is locked up with the private key for the user who encrypted it and the private key for the DRA. The data is encrypted symmetrically. You may find those keys exist somewhere even though the domain doesn't exist anymore. You should be able to recover with them. -----Original Message----- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Monday, February 03, 2003 11:33 AM To: ActiveDir (E-mail) Subject: [ActiveDir] Decrypt Files from a no longer existing domain How can I decrypt some files that I did not know were encrypted when I decommissioned the last DC in that old domain. I have tried restoring them to a FAT Partition and I can open them but there is no data in them. Any help would be appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
