• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Locked out......



Hi guys.
I used to have files in my documents on my old partition
and they were in admin accounts, so u couldnt access them unless you were logged in as that user.

I did some upgrades and installed a fresh install of WinXp.
This is on the new hd and i now i cant access my old documents....
can anyone help?


Tabula Rasa

Stranger Than Kindness
Political User
Do you get any sort of massage, or just cant access them?
If your logged in as an admin you cant access the either?

If nothing else works you can try installing some kind of description software.
If you were using XP Home you might have a slim chance of recovering the old users data as you can boot to safe mode and alter the (file sharing) properties.
An XP Professional re-install will save the data but you won’t be able to access it without a special tool from MS. You should have been warned about this when you re-installed. I’ve done this a few times myself.


do u know where i can access this special tool from MS?
like the link....
or do i have to email them...
and there are too many encryption/decryption tools....
if you know one that directly tackles my problem,
it would really help :)
Come on you MCSE's this was part of the security update from 2000 to XP.

I'm sure this was answered about three servers ago (XP Forums)

I've forgotten!!

free spirit

first make sure you log in in an admin account

in tools>folder options>veiw down bottom simple share... make sure its unticked. click ok

go to folder>right click>properties>security

add your account/the admin group to box and you should get back in


jeez, knock it off!

I'm an MCSA... hoping to make this clearer.

EFS (Encrypting File System) is not a toy you can bypass by just being an admin.
EFS is based on a digital certificate architecture which enables user on a certain network or machine to safely protect his files and folders.
EFS is achieved with a pair of keys... to make it simple... one key is the user private key (coming from the account SID - security identifyer) the other key, needed to validate the user's one, comes from the certification authority, means the computer (not the administrator) or the network certificate server.
Files can only be encrypted and decrypted ONLY if the pair of keys match, means that ONLY the original user on THAT specific (network/local) system can handle protected data.

This architecture has ben implemented specially to protect encrypted files against other users and system installations. You can't just dismount an HD, move it under another computer and expect to trick EFS... even if you are an admin.

Cases are 2:

1. On the same encrypted system, you delete the user account along with the user encrypt/decrypt key. You can recover user's encrypted files using the administrator account, who is the default Recovery Agent. If you don't have a Recovery Agent policy, you may create one but you MUST do this on the same system where data had been encrypted (same master system encryption key).
2. You reinstall (or fresh install) the operating system and then loose both the user key and the master system key bacause all SIDs change with a new system installation (fool is the one doing such a thing without backing up sensitive data). The only thing you can do is brute forcing the encrypted data with some sort of hacking tool (I don't know if there are any). Anyway you most likely loose your files forever in this case, you're lucky if you recover some sort of unreadable byte.

Besides, EFS is not available on XP Home Edition... so that thing about Pro over Home or Home over Home or else Pro over Pro don't change a thing.
As far as I know, there is no MS tool to perform a brute force attack on protected data. I might be wrong, but it would be stupid if MS distributed a tool to bypass its most important data protection.

XP Abuser

yeh if youve efs'd it then it is near impossible as the data is encrypted on the disk and once its been encrypted there is no other way you can get it without the original keys


ah **** i did the exact same thing. my windows boot screwed itself and i had to reinstall windows over the top. all is intact except i cant get access to my oold documents with admin or not and ive tried doing the above fix with putting in your name under administrator or whatever...

i had lots of important stuff in there. - all my pictures collected over years. my uni work, and probly most importantly my cv (lucky though i pretty much have that backed up somewhere i thinks)...thing is i had about 5 gig of mp3s that were half downloaded (soulseek) as in unfinished (ready to resume) and a gig of pictures i've collected over ages...

please guys if there is any way to get around this let us know.

my friend seems to think he might be able to get around it by doing a linux install or something. which i am game to do if it would work (yes im that desperate) but it looks as though from the above that it wont work 8(


argh it look slike it might be possible from this:

recovery agent certificate. The actual recovery process is complicated, but it involves adding the certificate to the Active Directory’s recovery policy. The recovery agent certificate is based on the public key infrastructure. This means that the certificate contains the necessary data to decrypt the file.
can anyone translate that to english for me??? and offer suggestions how to go about doing it?

i used easyrecoverypro but that did jack all 8(

im really worried about not getting this stuff back (just all the effort that was in it)
and yes i shoula backed it up but i didnt realise if windows ****ed up i wouldnt have access again..otherwise i woulda just accessed the files in dos prompt and copied them over before reinstalling (if that would even work)

sh|t :(


1. On the same encrypted system, you delete the user account along with the user encrypt/decrypt key. You can recover user's encrypted files using the administrator account, who is the default Recovery Agent. If you don't have a Recovery Agent policy, you may create one but you MUST do this on the same system where data had been encrypted (same master system encryption key).
can you please clear that up a bit more?...maybe i can configure (or reinstall windows again) to make it think i am on the same system?..would that involve same pc names, workgroup etc?

[clutching at straws here]


ok worst case scenario - i dont even have the ability to delete the folder let alone see how big it is...how the hell do i get rid of it (its a good 4-5GB on my hardisk) wll i think it is. it was...its just that now it doesnt tell me how big it is.



I figured out how to do it!!!...

the only problem is as its on a per-file basis (which is particularly bad for me coz i have thousands)

the procedure is as follows....no guarantees that it works - but it worked for me (on winxp pro)

ok. Log in as administrator (when you are about to log in [or after a proper log off] pres ctrl alt delete twice - then put in Administrator as the username and then the password)

now find the folder that is encryptd - say my documents. go to the properties. then click on security tab, a warning should come up - just press ok. go to advanced, now go to owner and highight the administrator one. then click apply. then click ok twice (to close all properties pages). then open the properties for the file/folder again. click the security tab, click add, type in Administrator and then click check names then click ok. then click on the checkboxes (check them all - clicking the first will do this) then press apply and ok. the file should work now. - it worked for me!!!....thing is i just have to go through about 2000 files like this to get it done. which i will do for most of the stuff i want. hope this helps - it should get you out of a dire emergency.

if anyone would know how to do a batch version of this or make it work for all concurrent folders (not just the one you are using it in. it would be an IMMENSE help to me/us



not bad for a few mins mucking around with stuff i have absolutely no idea about!!! :lol
Ok basically all you need to do (in XP Pro) is turn off Simple File Sharing, then make sure you have an admin account then right click on the folder select properties and security and then goto advanced. Then click the Owner Tab, then simply take owner ship of the folder, then all you need to do is make sure that all of the files and folders contained within take their attributes from the parent directory.

Then just add the Administrators the owner list or give them full control and whatever.

Works everytime. Also dont use EFS it prevents this method from working, you can make it private as I think the Admin account has access anyway


thankfully i seem to have figured it out. at least for the administrator account..and im pretty sure i made it work for Everyone as well with the properties.

Now i'm gonna reinstall windows and take back my default user name.

if worst comes to work i'll just have to do it again.

Because i got it back methinks the files actually werent encrypted but rather just made private byownership status.
Its one of the tick boxes after you enter the advanced bit in the Permissions Tab.

Tick this:
Inherit from parent the permission entries that apply to child objects. Include these with entries explicitly defined here.

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
What a long strange trip it's been. =)

Forum statistics

Latest member