How to use Recover /B to decrypt hard-disk.


Article ID: 153751


Updated On:


Endpoint Encryption


The following steps must be performed in sequence:
1. Recover /A
2. Full Disk Access Utility
3. Hard Disk Consistency Check
4. Recover /D
5. Recover /B
Best Practices for Data Recovery using Symantec Endpoint Encryption - Full Disk
If all previous steps failed mentioned in Best Practice, it may mean that a very important cryptographic
key cannot be found. The Recover Program using the /B option reads from a computer-specific recover DAT
file that contains that key, allowing you to decrypt your data. The Policy Administrator creates the DAT file
by exporting a Client Computer’s data from the database. For this reason, Recover /B is only available for
computers that have checked in at least once with the SEE Management Server.
When the Policy Administrator creates the DAT file, the administrator defines a Recovery Password to protect
the DAT file. When the administrator provides the DAT, they tell you the password. Typically the administrator
gives the DAT file an informative name, perhaps containing the name of the computer and the current date and time,
such as D9HCPD3_20090525_Recover.dat.
Make sure that you have the correct DAT file. Since the data in the DAT file is computer-specific, running /B
using a recovery data file intended for another computer will corrupt your hard disk files. Also make sure that
the computer is connected to an uninterruptible power supply; otherwise, data loss can occur if the process stops.

 The password must be at least 16 characters long.

You may need to modify the BIOS to boot from CD/DVD. A command line window is displayed,  and the Recover
Program launches automatically.

Select the option button for recover /B.

Browse to the DAT file. You will be prompted for the Recovery Password associated with the DAT file.

The Recover Program will generate several information and warning messages and/or prompts, depending
on what the program encounters. The most severe warning message occurs if something goes wrong when
the Recover Program attempts to compare values in the DAT file with the client database files, as described below.
If the Recover Program detects a mismatch between the DAT file and the client database files, the program
stops and issues a warning that the data on the hard disk will be destroyed if you continue the recovery process.
Click Cancel to cancel the recovery operation.
If the Recover Program is unable to compare the backup file and the client database files due to file corruption
of client database files, the program halts and issues the same warning message as stated in the previous
paragraph.  Only if you are absolutely certain that the DAT file is the correct file should you continue the
process; otherwise, click Cancel to cancel the recovery operation.