I have essentially the same question as http://social.technet.microsoft.com/Forums/en-US/4bca3592-9230-4231-9e85-cc99bda81a58/how-to-backup-the-programdatamicrosoftcryptorsamachinekeys-directories-and-files?forum=windowsbackup.
The answer given there is of no help. Besides, when I follow the link to the proposed answer, I learn that the article applies to a different version of Windows. I am directed to the "Windows 7 Solution
Center", but once there, there is no way to find the corresponding information for Windows 7.
I need to send away a computer for repair, and I want to copy the contents of its main disk to a folder in another computer. Since the first computer (computerA) is not working, I have extracted its main disk (diskA) and installed it in the second computer (ComputerB). Now I have run a number of utilities to copy the contents of diskA to a folder P:\Copy-of-A\diskA\.
Each utility fails in various ways. Drag and drop, or was it copy-and-paste, I don't remember -- was the first thing I tried. I gave me the impression of working, but when I needed to access a user file on the copy, there was no Users directory. Fortunately I discovered this before sending away computerA with diskA inside.
After googling around and trying robocopy, which went into an endless loop because of a reparse point/juction that pointed to a parent directory, I downloaded xxcopy. It appears to be capable of replicating the reparse points as such.
Now I discovered a row of error messages, e.g.
E:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0192591f117f5bdeac036b2ea90fe2b8_95a850ed-f081-42f1-bf7a-9d5d178d94a4 Copy Failed
Trying to run icacls on the file, to determine what the cause of the failure may have been, i get:
icacls.exe 0192591f117f5bdeac036b2ea90fe2b8_95a850ed-f081-42f1-bf7a-9d5d178d94a4
0192591f117f5bdeac036b2ea90fe2b8_95a850ed-f081-42f1-bf7a-9d5d178d94a4: Ugyldig referanse.
0 filer er behandlet, 1 filer ble ikke behandlet
Translating the Norwegian parts: 019...4a4: Invalid reference
0 files treated, 1 files were not treated
I started an instance of Explorer clicking "Run as Administrator", navigated to this file and opened its properties. Clicking the Security tab, I am told that I need to be logged in as a user with administrative privileges to see the security properties of this object, in order to proceed. There was a button "Continue", which gave me a new dialog telling me:
(My translation from Norwegian):
Owner
You do not have permission to see the security properties of this object. I you want to see the security properties, you can try to take ownership of the object. (...) Observe that when you take ownership of this object, the previous owner may loose access
to this object.
Current owner: Cannot show the current owner.
In other words, I may see the security properties only if I risk destroying the usability of the object for whatever system is using this object. I may take the ownership, but I may not know what owner to restore the ownership to.
I know a solution: buy another spare disk, and make a sector-for-sector image of the disk. But then I need to spend hours taveling to the nearest town, and spend approx. $200. Or I can continue spending hours and hours researching this maze called Windows security. I cannot fathom how Microsoft can omit the tools for something so obvious as the capability to make a no-bullshit copy of all files and all attributes of a disk or a folder hierarchy, faithful enough to ensure that it can be used to restore the contents of the disk in case the repair shop hoses it.
Thanks