http://www.fullarmor.com/solutions/group/
Full Armor wrote it in the first place, and its always worked with Win2k.
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis - Formerly Harbinger and Extricity
Atlanta, GA
-Original
Hi all, am having a wierd problem which is starting to drive me crazy..
I cannot get GPOs to refresh on a client using the usual:
secedit /refreshpolicy xxx_policy /enforce
The enforce only works if I do either of the following:
1. Update the policy - so the version number increments.
2.
How can I decrypt some files that I did not know were encrypted when I
decommissioned the last DC in that old domain. I have tried restoring them
to a FAT Partition and I can open them but there is no data in them. Any
help would be appreciated
Justin A. Salandra, MCSE
Senior Network Engineer
If you can't find the cert that encrypted them or the cert for the Data
Recovery Agent (DRA) (usually the domain admin) you are out of luck.
They key to open the data is stored in the headers of the file and it is
locked up with the private key for the user who encrypted it and the
private key
I should mention that these files were encrypted by accident by the user by
checking the box encrypt contents while looking at the properties of the
folder. Where could I get the DRA from if the domain doesn't exist, restore
the domain on a workstations?
-Original Message-
From:
I am not positive but if the domain admin had logged into a workstation
at some point the cert may be in that profile. I would have to go to the
RK to find the specific location. The recovery of encrypted docs is
thoroughly documented. I just did a TechNet search and found reams of
info I am sure
How they were encrypted - accidental or not - has no bearing. They're gone.
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis - Formerly Harbinger and Extricity
Atlanta, GA
-Original Message-
From: Salandra, Justin A.
One possible solution would be to disconnect the network cable and try
logging on as the user who encrypted them, assuming that their are
credentials cached on the machine.
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 03, 2003 10:14 AM
To:
I looked in the profile on the server at the Administrators profile under
documents and settings, there is a Crypto folder that contains a folder with
a SID/GUID as the name of the folder. Inside there are three System Files.
I am assuming that this is not the location, however is there a place I
www.microsoft.com
www.google.com
www.rtfm.com
www.YouAreProbablyNotGoingToGetTheFilesBack.com
www.DontWasteYourTime.org
-Original Message-
From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 03, 2003 12:39 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir]
Title: Message
Hey
John,
That
checkbox is a representation of the inheriteance flags thatare associated
with each access control entry (ACE), i.e with each specific permission granted
or denied in the ACL.
There
are five flags in the mask that define how each ACE is
inherited:
0x01
By chance is this an XP machine ?? If so try gpupdate.exe instead of
secedit /refreshpolicy, see gpupdate /? for help...
Just a thought...
--Steve
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Ben Machin
Sent: Monday, February 03, 2003 9:21 AM
12 matches
Mail list logo