- I-EFSDump ikuvumela ukuthi uhlole kalula ukufinyelela kumafayela abethelwe nge-EFS kusuka kulayini womyalo. imiyalo.
- Kuyithuluzi elingasindi, eliqondile elihambisana nezinguqulo zesimanje ze Windows, ilungele ochwepheshe abaphethe ukuphepha ezindaweni I-NTFS.
- Ihlanganisa izinketho ezinamandla zokubuyekeza izimvume zabasebenzisi nama-ejenti wokutakula axhunywe kumafayela avikelwe.
Kulesi sihloko, ngizochaza ngokuningiliziwe ukuthi i-EFSDump iyini, ukuthi isetshenziselwa ini, ukuthi isebenza kanjani ngaphakathi, nokuthi ingasindisa nini impilo yakho ekuphathweni kwesistimu. Kungakhathaliseki ukuthi uchwepheshe we-IT, ozinikele kwezokuphepha, noma umane ungumsebenzisi othuthukile ofuna ukuqonda yonke imininingwane yokulawulwa kokufinyelela kwe-EFS, nawu umhlahlandlela ophelele futhi osebenzayo ngeSpanishi, ohlanganisa lonke ulwazi olufanele oluvela emithonjeni yezobuchwepheshe futhi unikeze iseluleko esicacile, esihlelekile. Lungela ukuba umpetha waleli thuluzi futhi ulawule ngempela ukuvikelwa kwedatha yakho ku-Windows.
Iyini i-EFSDump futhi isetshenziselwa ini?
I-EFSDump iyinsiza encane yomugqa womyalo eyakhiwe ngabakwa-Sysinternals, manje abayingxenye ye-Microsoft, eyazalwa inenjongo elula kakhulu: ukubonisa ngokushesha nangokuzenzakalelayo uhlu lwama-akhawunti (abasebenzisi nama-ejenti wokutakula) angafinyelela amafayela abethelwe nge-EFS kumavolumu e-NTFS. Ngaphambi kokufika kwe-EFSDump, uma ubufuna ukuhlola izimvume ze-EFS kumafayela noma izinkomba eziningi, bekufanele uzulazule ku-Windows Explorer futhi uzulazule kuthebhu yezakhiwo ezithuthukisiwe zefayela ngalinye ngalinye—inqubo ebhalwe ngesandla, eyisicefe, nevame ukuba namaphutha lapho usebenzelana namavolumu amakhulu wedatha.
Siyabonga I-EFSDump Ungakwenza lokhu ngokushesha nangenqwaba ngokuqondile kusukela kukhonsoli, ukuhlunga ngamagama, izandiso, noma ngisho nokusebenzisa izinhlamvu ze-wildcard ezindleleni. Isixazululo esinembile nesiqondile sanoma yikuphi ukubuyekezwa kokufinyelela kwefayela elibethelwe noma umsebenzi wokuhlola ezindaweni zebhizinisi noma zomuntu siqu.
- Landa kusuka kuphothali esemthethweni ye IMicrosoft SysinternalsKumahhala futhi ukulanda kungaphansi kuka-200 KB.
Umongo: I-EFS ku-Windows nezinkinga zayo
Kusuka Windows 2000 kwethulwa I-Encrypting File System (EFS) ku-NTFS, okuvumela abasebenzisi ukuthi bavikele ulwazi olubucayi emehlweni okuhlola. Ukusebenza kwangaphakathi kwe-EFS kucophelela kakhulu: ifayela ngalinye elibethelwe lihlanganisa enhlokweni yalo lokho esingakubiza ngokuthi "izinkambu eziyimfihlo" (i-DDF ne-DRF), lapho okhiye bokubethela ifayela (FEK) ivikelwe i-cryptography yokhiye womphakathi ngumsebenzisi ngamunye ogunyaziwe, kanye ne amakamu okubuyisela okuhlobene nama-ejenti okubuyisela akhethwe ngezinqubomgomo zenkampani.
Kusho ukuthi Kungase kube nabasebenzisi abangaphezu koyedwa kanye ne-ejenti engaphezu kweyodwa enokufinyelela okusebenzayo kufayela ngalinye elibethelwe. Akwanele ukuthi ifayela libe "luhlaza" noma wena ube umnikazi: umlawuli angase anikeze ngokungazi ukufinyelela kwabanye abasebenzisi noma amasevisi ngephutha noma ngokunganaki. Yilapho i-EFSDump iba umbimbi ofanelekile ngokukuvumela ukuthi ubhale ngokushesha zonke izimvume ezisebenzayo ehambisana nefayela ngalinye elibethelwe.
Yiluphi ulwazi olunikezwa yi-EFSDump?
Uma ugijima I-EFSDump efayeleni noma kusethi yazo, uthola a sula uhlu lwabo bonke abasebenzisi, ama-akhawunti wesevisi, nama-ejenti wokutakula ahlobene nokubethela kwalelo fayelaNgaphakathi, insiza ikhipha idatha isebenzisa i-API ethile QueryUsersOnEncryptedFile, okuyikhona empeleni “okufunda phakathi kwemigqa” yemethadatha kanhlokweni we-NTFS ukuze uthole ukuthi ubani ongasusa ukubhala ngekhodi okuqukethwe.
Ngakho-ke, ithuluzi likunikeza ulwazi olufana nalokhu:
- Abasebenzisi abanokufinyelela okuqondile kufayela elibethelwe (labo abalubhale ngekhodi ekuqaleni noma labo abanikezwe ukufinyelela okwengeziwe)
- Ama-ejenti okubuyisela achazwe ngaphambilini (kulungiselelwe kunqubomgomo yokuphepha yendawo noma umlawuli wesistimu)
- Ubunikazi be-akhawunti ngayinye (igama futhi, lapho kufanele, isihlonzi sezokuphepha noma i-SID)
Lokhu kuvumela kokubili abaphathi besistimu nabasebenzisi abathuthukile thola ukungalungiseki kahle, ukufinyelela okungafunwa, noma ubungozi obungaba khona kungakephuzi kakhulu.
Izici eziyinhloko ze-EFSDump
- Ilula futhi iyaphatheka: Akukho ukufakwa okudingekayo, vele ulande futhi ugijime ngqo kusuka ku-console.
- Ihambisana nezinguqulo zesimanje zeWindows: Ingasetshenziswa kusukela ku-Windows Vista naku-Server 2008 kuya phambili.
- Ikuvumela ukuthi uskene yonke inkomba ngokuphindaphindiwe: Ngenxa yepharamitha yayo -s, ungakwazi ukuhlola yonke ifolda nezakhiwo zefolda engaphansi ngaphandle kokuphinda imiyalo.
- Usekelo lwe-Wildcard: Kwenza kube lula ukukhetha amafayela ngokwesandiso (isb. wonke amafayela abethelwe .docx kufolda).
- Okukhiphayo okuhlanzekile futhi okuchazeka kalula: Ibonisa ama-akhawunti, ama-SID, nama-ejenti wokutakula ngendlela ehlelekile ngezinjongo zokuhlola noma zokubika.
- Imodi ethulile: Ipharamitha ye -q icindezela imilayezo yephutha noma izexwayiso, ilusizo ekuhlanganiseni i-EFSDump emibhalweni ezenzakalelayo.
I-EFSDump Syntax kanye namapharamitha
Ukusebenzisa i-EFSDump kuqondile, kodwa njenganoma yiliphi ithuluzi le-console, kubalulekile ukwazi kahle i-syntax yayo ukuze uthole okuningi kuyo.
Ifomethi evamile yomyalo:
efsdump <archivo o directorio>- -s: Itshela i-EFSDump ukuthi icubungule wonke amafayela kuma-subdirectories ngokuphindaphindiwe.
- -q: Icindezela ukuphrinta kwephutha (imodi ethulile), ilungele imibhalo emikhulu noma lapho singafuni ukuthi ikhonsoli igcwaliswe ngemilayezo ephindaphindwayo.
- : Ungacacisa noma igama lefayela elithile noma ifolda (ukuhlola wonke amafayela angaphakathi kwalo), noma iphethini enamakhadi asendle.
Izibonelo ezisebenzayo:
- Ukufaka ohlwini abasebenzisi abakwazi ukufinyelela wonke amafayela abethelwe .docx kufolda yakho yamadokhumenti:
efsdump C:\Users\MiUsuario\Documents\*.docx - Ukuhlola ifolda yonke namafolda ayo amancane:
efsdump -s C:\DataCifrada - Ukuze usebenzise umyalo ngaphandle kwemilayezo yephutha, ilungele ukubhala:
efsdump -q -s C:\CarpetaSegura
Ukusebenza kwangaphakathi kanye nezakhiwo ze-NTFS
I-EFSDump isebenza ngokuqondile kumafayela agcinwe kuma-partitions we-NTFS, isebenzisa izinkambu zangaphakathi kunhlokweni yefayela ngalinye elibethelwe.
Ku-NTFS, ifayela ngalinye elivikelwe yi-EFS lihlanganisa izakhiwo ezimbili ezibalulekile:
- I-DDF (Izinkambu Zokususwa Kwedatha): Bagcina okhiye bokubethela kwefayela, ababethelwe ngokhiye ngamunye ogunyaziwe womphakathi. Nalu uhlu lwangempela lwabantu abakwazi ukufinyelela ngokuqondile okuqukethwe, ngaphandle kokuba nokhiye wesistimu.
- I-DRF (Izinkambu Zokuthola Idatha): Ifaka okhiye ababethelwe be-FEK, kodwa kulokhu ngokhiye osesidlangalaleni wabasebenzeli bokutholwa, okungukuthi, ama-akhawunti anqunywe kusengaphambili umlawuli ezimeni eziphuthumayo noma ukutholwa kwedatha.
Ukuhambisana kwe-EFSDump kanye Nezimfuneko
Ithuluzi Yakhiwe nguMark Russinovich, omunye wonjiniyela be-Windows abaziwa kakhulu emhlabeni nomsunguli we-Sysinternals. Yize yakhelwe okokuqala iWindows 2000, insiza ihlala isebenza ngokuphelele ezindaweni ezintsha kakhulu:
- Amakhasimende: Isebenza ku-Windows Vista nangemva kwalokho, kuhlanganise nezinguqulo zamanje ezifana ne-Windows 10 ne-11.
- Amaseva: Iyahambisana ne-Windows Server 2008 nangaphezulu.
Ayidingi ukufakwa, ayishintshi ukubhalisa, futhi ayishiyi noma yimiphi imikhondo ohlelweni: vele uvule okusebenzisekayo bese uvula iwindi lomyalo elinezimvume zokufunda zamafayela ofuna ukuwahlola. Ukuze uqonde amanye amathuluzi okuhlaziya, ungaphinda ubuyekeze Ungayisebenzisa kanjani i-Windbg.
Umbhali oshisekayo ngomhlaba wamabhayithi nobuchwepheshe ngokujwayelekile. Ngiyathanda ukwabelana ngolwazi lwami ngokubhala, futhi yilokho engizokwenza kule bhulogi, ngikubonise zonke izinto ezithakazelisayo kakhulu ngamagajethi, isofthiwe, ihadiwe, izitayela zobuchwepheshe, nokuningi. Inhloso yami ukukusiza ukuthi uzulazule emhlabeni wedijithali ngendlela elula nejabulisayo.