EFS Recovery Agent Cannot Export Private Keys

기술 자료 번역 기술 자료 번역
기술 자료: 259732 - 이 문서가 적용되는 제품 보기.
모두 확대 | 모두 축소


When you attempt to perform encrypted data recovery, the "Export Private Key" section of the Certificate Export Wizard is either skipped completely, or the Yes, export the private key option within the "Export Private Key" screen is inactive and cannot be selected. The No, do not export the private key option is the only valid selection. If the option to export the private key is inactive, the following error message is displayed:
Note: The associated private key cannot be found. Only the certificate can be exported.
Typically, the option to export the private key at the "Export Private Key" section of the Certificate Export Wizard is available.


This behavior can occur if the Administrator profile was overwritten with another user's profile. Users that belong to the local Administrator group can copy a user profile over another user's profile. This is typically done to replicate profiles with minimal effort. If this is done to the local Administrator profile, the computer no longer recognizes the administrator as a valid EFS Recovery Agent.

You may also experience this behavior if you made the request of the certificate server not to issue exportable certificates. The only way around this is to request a new certificate if you already have one issued.

IMPORTANT: Do not delete the existing certificate until all of the data has been un-encrypted and then re-encrypted.

NOTE: The default EFS Recovery Agent of a stand-alone Windows 2000 Professional-based computer that is not a member of a domain is local Administrator.

해결 방법

To restore the Recovery Agent's private key, use one of the following methods:
  • Restore the administrator's user profile from a backup that was made before the administrator's profile was overwritten.
  • Restore the data from a backup that you made before the data was encrypted using EFS.
You must extract the private keys from an EFS Recovery Agent whose profile is not overwritten. If this is a stand-alone computer, no other Recovery Agents may be available. If there is no other Recovery Agent available and the EFS private key is not backed up, the data is not recoverable.

추가 정보

For additional information about EFS in Windows 2000, click the article numbers below to view the articles in the Microsoft Knowledge Base:
241201HOW TO: Back Up Your Encrypting File System Private Key in Windows 2000
255742Methods for Recovering Encrypted Data Files
223316Best Practices for Encrypting File System
242296How to Restore an EFS Private Key for Encrypted Data Recovery
Additional EFS-related information is available at the following Microsoft Web site:


기술 자료: 259732 - 마지막 검토: 2007년 10월 31일 수요일 - 수정: 3.4
본 문서의 정보는 다음의 제품에 적용됩니다.
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
kbmt kbenv kberrmsg kbprb KB259732 KbMtko
기계 번역된 문서
중요: 본 문서는 전문 번역가가 번역한 것이 아니라 Microsoft 기계 번역 소프트웨어로 번역한 것입니다. Microsoft는 번역가가 번역한 문서 및 기계 번역된 문서를 모두 제공하므로 Microsoft 기술 자료에 있는 모든 문서를 한글로 접할 수 있습니다. 그러나 기계 번역 문서가 항상 완벽한 것은 아닙니다. 따라서 기계 번역 문서에는 마치 외국인이 한국어로 말할 때 실수를 하는 것처럼 어휘, 구문 또는 문법에 오류가 있을 수 있습니다. Microsoft는 내용상의 오역 또는 Microsoft 고객이 이러한 오역을 사용함으로써 발생하는 부 정확성, 오류 또는 손해에 대해 책임을 지지 않습니다. Microsoft는 이러한 문제를 해결하기 위해 기계 번역 소프트웨어를 자주 업데이트하고 있습니다.

피드백 보내기


Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com