Unable to copy encrypted files with Operator account

Discussion in 'Windows Vista Security' started by Peter Meinl, Feb 19, 2007.

  1. Peter Meinl

    Peter Meinl Guest

    I run my automatic backups using Syncback under a custom Operator account
    belonging to the Administrators group.
    Coyping EFS encrypted files not belonging to the Operator user does not work
    I tried to manually copy a EFS encrypted file in \users\x\ as Operator using
    Windows Explorer and even after giving it elevated rights was denied to
    copy.

    How can I fix this?
     
    Peter Meinl, Feb 19, 2007
    #1
    1. Advertisements

  2. Peter Meinl

    Peter Meinl Guest

    I forgot to mention: I am trying to copy to a local NTFS eSATA volume.
     
    Peter Meinl, Feb 19, 2007
    #2
    1. Advertisements

  3. Peter Meinl

    David Craig Guest

    Are you doing a backup or a copy? There is a big difference though the
    intentions may be the same. A copy will place the encrypted files as
    plaintext in the destination, unless the destination is an encrypted
    directory. A backup will place the files in encrypted form in the
    destination. There are different roles in administrator and backup
    operator. The software being used is also important as to if it is a copier
    or a backup program. Incorrectly used/designed software will not work
    properly. I sure hope you have backed up your encryption keys since you
    cannot duplicate the key since it is randomly generated.
     
    David Craig, Feb 19, 2007
    #3
  4. Peter Meinl

    Peter Meinl Guest

    Copying an encrypted file to a local NTFS volume does not decrypt the file -
    regardless of the EFS settings of the destination folder. My problem is copy
    access being denied by Vista, not files being decrypted.

    Yes, I did backup the encryption key and Vista does remind you to.
     
    Peter Meinl, Feb 20, 2007
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.