Manual Decryption of Files with AFDecryptor

The recommended procedure is to remove an agent from a machine only after all files have been decrypted. This is the reason that removal of the agent requires a removal key.
However, if encrypted files are left behind (e.g. the agent was removed and for some reason cannot be reinstalled) or a technical issue occurs, this procedure can recover the encrypted files.
The application can recover individual files or entire folders. It checks to see if the file is encrypted before decryption and won’t affect unencrypted or previously decrypted files.

You will need:

1. Access to AFDecryptor. The AFDecryptor.exe application is installed as part of the Actifile application.
2. The install key for the relevant account (or the encryption key itself).
3. Administration rights (or permissions to stop & start services).

Note: Yes! It is possible to run AFDecryptor “standalone” (without installing the agent). You need to copy the following three files from any Actifile installation folder: AFDecryptor.exe, AFAgentEngine.dll and Entities.dll. Copy these three files to the destination machine and you will be able to decrypt files on that machine.

Steps:

  1. In the Actifile portal for the tenant, under Settings -> General Settings, ensure that the following settings are set:
    a. Two-step verification must be turned off.
    b. Protect agent from tampering must be set to off.
    c. Make sure to have access to the install key.
    Note: If a network connection isn’t available on the device that will be decrypting the files, you’ll need to copy the Encryption Key instead of the install key.
  2. Stop the Actifile services in the following order: (i) Actifile Updater; (ii) Actifile Agent.

    If the services prove hard to stop, anti-tamper may be active. See step 1 above.
  3. Start the AFDecryptor.exe application from the Actifile install directory (C:\Program Files (x86)\Actifile Agent).

Select the file or folder you wish to decrypt. Insert the Tenant Install Key.

Make sure the extensions are selected correctly. If the selected folder contains encrypted files with file types other than the default file types (docx, xlsx and pptx), those file types must also be included in the extension field, separated by commas. E.g. if the folder contains encrypted files with the additional file types pdf, ppt, doc, txt and xls, the extension field would look like this:

docx, xlsx, pptx, pdf, ppt, doc, txt, xls

Click Decrypt.

The single file / files in the folder (and subfolders) will be decrypted. For very large folders with many encrypted files this process may take a long time.

In case of a TwoStep Error, Two Step Verification needs to be disabled (see step 1 above). From Settings -> General Settings, disable Two Step Verification.

Note: If the device does not have access to a network, the install key will not work, as it won’t be able to use the Microsoft Azure Vault to retrieve the key via the protected and validated DPAPI protocol. In that case you’ll have to use the actual key to decrypt the files. Since this exposes the key, it should only be done in an emergency.

Under Settings -> General Settings click “Encryption key” at the bottom of the page.
You will need to copy the Customer Id into the Tenant ID field and the Encryption Key into the Password field.

After decrypting, restart the Actifile services stopped in step 2 above to resume normal operation.
Note: Depending on the configuration, the decrypted files may be re-encrypted. Make a copy of the files (in step 5) in a location where Actifile will not encrypt them again.
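
A preflight for the procedure above, as an added PowerShell example that is not Actifile's own code: it checks that the three standalone files are present, stops the two services in the order given in step 2, and builds the comma-delimited extension field from the file types found under a folder. It assumes the names in step 2 are the service display names; the function names and the sample paths are hypothetical. The field lists every file type found, which is safe because AFDecryptor skips files that are not encrypted.

```powershell
# Added example, not Actifile code. Run from an elevated PowerShell prompt.
$ErrorActionPreference = 'Stop'

# The three files the page lists as required for standalone use.
$RequiredFiles = 'AFDecryptor.exe', 'AFAgentEngine.dll', 'Entities.dll'
# Default file types named on the page.
$DefaultTypes  = 'docx', 'xlsx', 'pptx'

function Get-MissingToolFile([string]$ToolFolder) {
    # Returns the required files that are absent from $ToolFolder.
    $RequiredFiles | Where-Object {
        -not (Test-Path -LiteralPath (Join-Path $ToolFolder $_) -PathType Leaf)
    }
}

function Stop-ActifileService {
    # Order from step 2. Assumption: these are the service display names.
    foreach ($name in 'Actifile Updater', 'Actifile Agent') {
        $svc = Get-Service -DisplayName $name
        if ($svc.Status -ne 'Stopped') {
            # Throws if the service refuses to stop (e.g. anti-tamper still on).
            Stop-Service -InputObject $svc
            $svc.WaitForStatus('Stopped', [TimeSpan]::FromSeconds(60))
        }
    }
}

function Get-ExtensionField([string]$Folder) {
    # Defaults first, then every other file type found under $Folder.
    $found = Get-ChildItem -LiteralPath $Folder -Recurse -File |
        Where-Object Extension |
        ForEach-Object { $_.Extension.TrimStart('.').ToLowerInvariant() } |
        Sort-Object -Unique
    $extra = $found | Where-Object { $_ -notin $DefaultTypes }
    (@($DefaultTypes) + @($extra)) -join ', '
}

# Usage (both paths are placeholders):
# $missing = Get-MissingToolFile 'C:\Temp\AFDecryptor'
# if ($missing) { throw "Missing: $($missing -join ', ')" }
# Stop-ActifileService
# Get-ExtensionField 'D:\FolderToDecrypt'   # paste the result into the extension field
```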