Encryption Question

[coremortality]

Hi All,
I'm running an evalution copy of 2003 Server for school. It was set up in a domain with only 2 users created. it was primarily used as a file server. I moved a bunch of files that I wanted to backup to the server from my primary comp and thought i'd try encrypting them to see if microsofts encryption was worth a damn (HA! my mistake).

About 3 weeks later i had to uninstall active directory from the server as part of my class (second mistake). Upon doing this i realized my files were encrypted (because i could no longer access them and i needed thm ASAP) but NOTHING HAD BEEN DELETE from the server other than active directory. I've reinstalled active directory with the same domain name as i had previously but i can not access the files. I can see the user folders under documents and settings and i can even see the encryption keys but i can not login as the users to access the files and remove encryption.

Is there a way to force windows to load under those users and then unencrypt the files since those user folders still contain the certificate information? OR am I totally screwed.

Thanks for the help.

[EDIT] I've read the sticky on encryption but didn't see my situation listed.

 

[Nothinman]

Guess you now realize that the encryption is worth a damn, eh?

My guess would be that when you removed AD you also removed the accounts (and as such, the private keys for the acounts) that were used to do the encryption. The sticky mentions that if the box is a member of a domain that the domain Administrator account will be a recovery agent by default, but again you may have killed that option when you removed AD.

 

[stash]

The private keys should still be there, since they are stored in the user profile on the file system, not in AD. If this data is important to you, I would spend the $245 and place a call to Microsoft PSS. They have some tools that should be able to get the private key and use it to decrypt the FEK.