Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

folder security 1

Status
Not open for further replies.
Ricjd

Ricjd

Programmer
Sep 12, 2002
104
GB
over the weekend we formatted our server and changed the domian name.

previously we had a folder which was only accessible by certian users. now no one can access it. i was wondering if anybody knew how to get round this.

thanking you in advance
rick

also does any one know how to stop poeple using microsoft messager using MS Server 200?0
 
Sort by date Sort by votes
I suppose that before format you did a backup of that computer. Right?
And after restore there are files/directories that cannot be accessed.
This can happen if you were using EFS (Encrypted File System). If this is your case, there is two possibilities:
- documents lost forever
- possibility to recover

Also, looks like you had only one Domain Controller. If this is the case, your files are in the seccond possibility: lost.

Why?
EFS is encrypting the files based on the SID of the user. Also is adding a key for decryption. By default thatis a Domain Administartor. (you can change this, you can use Certifciates,. etc. but I don't think you did this. any such change should be done before encryption).

If you have a backup (full backup) of the old Domain Controller, then you are saved. Restore it, and then you will be able to access the folders that you want and recover them.


Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
 
Upvote 0 Downvote
is there any other way of doing it except going back to my back up, as this would be a pain and put the netork down for a number of days, and most prob mean me working over the weekend again.

rick
 
Upvote 0 Downvote
What i said is just a presumtion. You should ask your users if they were using Encryption (EFS).
Could be cause also by a damage in the file system. But, is just another possibility. If you are sure that you don't have such errors, then more likely to be EFS.

For EFS
You have: full backup ( i hope so), or backup of the system and a backup of the drive where you have these encoded files.
What you need: restore the backup, logon as administrator, enter on those diretories with EFS, and ask for taking ownership. Then remove EFS.

What you can do:
Install a new DC. Demote first DC. Restore the backup on the first DC. Then do above procedure. Then run dcpromo and remove the AD on it, and then join back to the AD.

Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
 
Upvote 0 Downvote
no it is EFS. i was the one who set it. the files are on a diffrent drive so if that information makes it any easier please let me know.

also would i be able to restore the backup to a diffrent computer then remove the EFS? or does it have to be the same computer?

if not then there is a lot of work ahead of me!

thankyou very much Gia, you'v been helpful
 
Upvote 0 Downvote
To restore the files you need the two things:
- log on with Administrator of the domain, or the user account of the guy that was using the directories
- access to the drive where the files are stored

When you will access the file (even if the files are on a different computer, the credentials of the user that access the file are tested against the ones from encryption.
So, if you are using the account of the user that encrypted them, then is simple: copy, paste them, and uncheck EFS.

If you are using the Administrator account, then you will not have rights to access the files directly. First you have to take the ownership of the files, and then you are the owner, and you can remove the EFS.

Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
 
Upvote 0 Downvote
how can you take ownership of the folders?

rick
 
Upvote 0 Downvote
Select folder /right mouse/ properties/security/advanced/owner
then set the owner.

Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
 
Upvote 0 Downvote
Gia my wonderful Gia

You saved me in the nick of time.
Let me buy you dinner or something!!

*Starts to sing* You are soo wonderful to meeeeeeeeeee
*Stops singing as dog joins in!

Thankyou ever so much

Rick

P.s. Nice web site
 
Upvote 0 Downvote
Thanks. That's why I'm here. To help, learn and exercise my knowledge.
As about a dinner,.... not a bad idea. My cat will survive alone one evening.:))

Gia
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sburgess73
  • Locked
  • Question
MSIPCCache Folder
Replies
0
Views
260
sburgess73
sburgess73
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
389
hairlessupportmonkey
hairlessupportmonkey
StevenFromSouth
  • Locked
  • Question
VPN Connects but cannot access remote network computers or folders
Replies
1
Views
353
StevenFromSouth
StevenFromSouth
Dave60608
  • Locked
  • Question
Accessing shared folders via a network
Replies
5
Views
689
strongm
strongm
juliog
  • Locked
  • Question
Unable to get Server 2019 GPO Redirected Folders to Work on Windows 7
Replies
1
Views
324
tacohunter
tacohunter

Part and Inventory Search

Sponsor

Back
Top