Locked out of hard drive--but I know the password!? Please help!

[Spyrus]

I know this is a Ridiculously simple question to ask but noone has asked.... have you tried logging in under safe mode? You said it was giving the BSOD at the login screen? What message is the BSOD giving?

Would renaming the windows directory to wintemp and installing windows on the same drive again fix the issue?

Can you run the repair option from the disk?

[vynkz]

Hmmm...wait a min, I had a boot password setup, I thought that was the EFS everyone was talking about? I thought that encrypted all your files? I did it so long ago that I forgot what it was called, I think I typed a command up in a windows prompt and it came up asking me to input a boot password. Can't remember what that was called though for the life of me!

[vynkz]

Originally posted here by Spyrus
I know this is a Ridiculously simple question to ask but noone has asked.... have you tried logging in under safe mode? You said it was giving the BSOD at the login screen? What message is the BSOD giving?

Would renaming the windows directory to wintemp and installing windows on the same drive again fix the issue?

Can you run the repair option from the disk?

It also BSODs at a safe mode login attempt The BSOD message unfortunately appears for a nanosecond and restarts my laptop I've tried to do windows recovery console it also BSODs me there

[vynkz]

Hey, I've finally gotten the external enclosure to recognize the drive and took ownership of the files I needed as suggested by you guys! Thanks for all the help guys, boy am I a newb or what!!!!

[Net2Infinity]

Originally posted here by mohaughn
Net2- What do you mean the admin account had the same credentials? If it was a domain, domain admin is usually a recovery agent.

Local machine admin accounts will have a different SID, so the credentials will not be the same... Unless you copied the EFS key between the machines before the one machine died there is no way you just swapped disks and it magically worked.

I would suspect you didn't have EFS setup properly. People have been trying to hack EFS since it came out. I doubt you just accidentally did it.

I created an account on the workstation that had the same username and password as I had on my laptop. As I mentioned it had a different SID, so I had to take ownership of the files. I may not have had EFS setup properly, but the name of the folder that I encrypted was in green to indicate it was encrypted. Both the laptop drive and the recovery drive were both formated as NTFS. I dont have any idea why it worked but I am sure I can lab it up in vmware and try it out.

[morganlefay]

Net2Infinity

Me thinks that the encryption key or a recovery agent was used on the drive
you slaved in...hence being able to de-crypt it

EFS is designed to protect the privacy of sensitive data. Besides the user who encrypts a file, only designated recovery agent personnel can decrypt it. Other system accounts that have permissions for that file — even the Take Ownership permission — cannot open the file without the encryptor's private key.

or part of a domain as stated earlier

Designated user accounts, called recovery agent accounts, are issued recovery agent certificates with public keys and private keys that are used for EFS data recovery operations. Recovery agent accounts are designated by EFS recovery policy. By default, the recovery agent account is the highest-level Administrator account. On a stand-alone computer, this is the local Administrator. In a domain, the domain Administrator for the first domain controller installed in the domain is the default recovery agent account for all computers in the domain. Different recovery agent accounts can be assigned by changing EFS recovery policy, and different recovery policies can be configured for different parts of an enterprise. The private key for a recovery agent account must be located on the computer where recovery operations are to be conducted.

http://http://www.microsoft.com/reso...k_efs_duwf.asp

so what is it????

Enquiring minds need to know.. \


MLF

edit >sorry that link doesnt work....here is another
http://www.microsoft.com/resources/d...k_efs_duwf.asp

Do not encrypt files when you are logged on as the local Administrator unless you have changed the default recovery agent account. The effectiveness of EFS recovery is compromised if a file's creator is both the user and the recovery agent account.

wow...a bug

[Net2Infinity]

Neither the laptop or the workstation were on a domain, nor were they even in the same workgroup for that matter. I will have time to lab it up this weekend as I believe I have a ghost image of the laptop drive around here.