
Inside Windows® Server 2003 by William Boswell


Encrypted File Recovery

As we saw in the last topic, a long sequence of events fires off when a user opens an encrypted file. EFS must access the user's private key, which requires help from DPAPI to use the Session key derived from the Master key, which is itself protected by a key containing the user's password hash.

If the user leaves the company or goes on vacation or dies or just plain gets stubborn and refuses to open a file, you can reset the user's password in Active Directory and then log on as the user. The DPAPI will build a new Master key with the new password hash and use a Session key derived from this Master key to re-encrypt the private keys.

If commandeering a user's account is not an option, you can open the user's encrypted ...
