You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue by alphaleonis from Friday Jan 02, 2015 at 19:33 GMT Originally opened as #3
Encryption/decryption happens automatically with most of the regular api calls if the right cert is installed.
However there are situations when if the drive was taken out of the computer for forensic analysis, you would need to access the encrypted files.
In that situation there is usually a delegated decryption user's certificate is stated in the encrypted files metadata, usually it is a active directory primary administrator who allowed the EFS to be used by regular users. So you would need to acquire the cert from that admin to the computer which will try to decrypt affected files.
I think think we could add some extra methods when the right Windows license with EFS lands on one of our hands.
The text was updated successfully, but these errors were encountered:
Comment by alphaleonis from Friday Jan 02, 2015 at 19:34 GMT
Copied from CodePlex. Comments:
lambchops wrote Feb 14, 2013 at 3:27 AM
Downloaded src to have a look at implementing these functions.... but a little lost as it appears that in the releases folder, there is 1.0 and not 1.5. Looking at the changes log it seems that you are up to 1.6? Functions like File.OpenBackupRead do not seem to be there.
Please advise :) thnx
Yomodo wrote Feb 14, 2013 at 10:37 AM
Hi,
Just download and use the latest development build to start implementing.
Perhaps the BackupFileStream() and/or BackupStreamInfo() classes have what you need.
Issue by alphaleonis from Friday Jan 02, 2015 at 19:33 GMT
Originally opened as #3
Encryption/decryption happens automatically with most of the regular api calls if the right cert is installed.
However there are situations when if the drive was taken out of the computer for forensic analysis, you would need to access the encrypted files.
In that situation there is usually a delegated decryption user's certificate is stated in the encrypted files metadata, usually it is a active directory primary administrator who allowed the EFS to be used by regular users. So you would need to acquire the cert from that admin to the computer which will try to decrypt affected files.
I think think we could add some extra methods when the right Windows license with EFS lands on one of our hands.
The text was updated successfully, but these errors were encountered: