Your computer won’t power up anymore, so you remove the hard drive and install it as a second drive in a different computer. Then you realize that you’ve encrypted some of the files on the drive using EFS but you failed to back up the encryption key and certificate to removable media. Does this mean those files are lost forever?
Maybe. But first you could try using the reccerts.exe utility to recover the certificate as described in this thread on the Security forum on TechNet:
http://www.wservernews.com/go/1348060049487
You can obtain this utility by opening a ticket with Microsoft Support:
http://www.wservernews.com/go/1348060054018
And if you don’t want to pay for support on this issue, you could try following the somewhat advanced instructions found here:
http://www.wservernews.com/go/1348060059690
I’ve known at least one person who successfully recovered encrypted files using this procedure, but I haven’t tried it myself and can’t guarantee the results. And you might want to clone a copy of the drive before you try to recover encrypted data from it.
The above tip was previously published in an issue of WServerNews, a weekly newsletter from TechGenix that focuses on the administration, management and security of the Windows Server platform in particular and cloud solutions in general. Subscribe to WServerNews today by going to http://www.wservernews.com/subscribe.htm and join almost 100,000 other IT professionals around the world who read our newsletter!
Mitch Tulloch is an eleven-time recipient of the Microsoft Most Valuable Professional (MVP) award and a widely recognized expert on Windows Server and cloud computing technologies. Mitch is also Senior Editor of WServerNews. For more information about him see http://www.mtit.com
