windows server 2003 data recovery agent


scar
01-08-06, 02:12 AM
I am reading the guide here about creating a data recovery agent for my server: http://www.pcstats.com/articleview.cfm?articleid=252&page=10
I've followed the directions using the administrator account on the server. But, on page 11, it says "The current user is now a data-recovery agent and can decrypt any EFS encrypted files on the system." However, I have tried decrypting some files that another user account (myself) has encrypted, but I get an "access is denied" error. This led me to think that my encrypted files are still in danger of being lost in case of a catastrophe. I'm sure there is some weird setting that I made ages ago that is causing the malfunction. Please help me resolve this.

Jerkyking
01-08-06, 05:20 PM
You may have to take ownership of the file as the Admin before you can open it. I don't think that it's as simple as clicking on it to open as the admin.

scar
01-08-06, 10:59 PM
Thanks for your help. But, I tried taking ownership and I am still getting "access is denied" when I try to open or decrypt a file. The "administrators" group even has full control over the file.

Jerkyking
01-09-06, 07:14 AM
I didn't think that the Admin (as the Default DRA) needed a cert or private key but this link tells me they do... http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prnb_efs_prpr.asp

I don't have my book with me but I think that you create one with the "cipher /r" command; look here...
http://www.microsoft.com/technet/security/smallbusiness/topics/Cryptographyetc/protect_data_efs.mspx

Good luck

scar
01-10-06, 04:57 AM
Well, I did do that. In the guide I mentioned in my first post, it said that I had to use cipher /r. I'll read through those links; more details there. Frankly, though, do I need a data recovery agent if I have my private key (pfx) file backed up? As long as I have this, won't I be able to recover my files in case my account is deleted or some other catastrophe? I could just create a new account and import my pfx file? It seems to me that for just one user that is sufficient. But, a data recovery agent is only needed when there are multiple users' encrypted files that need to be recovered if those users' pfx files are also unavailable. Sorry, just learning about EFS.
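A worked command sequence covering both the cipher /r recovery-agent setup Jerkyking points to and the per-user pfx backup and import that scar asks about, written as an added example for this thread; it is not code from the forum posts, the PCstats guide or the Microsoft articles. It assumes a stand-alone Windows Server 2003 machine using Local Security Policy, and the paths C:\DRA, C:\Backup and D:\UserData\secret.doc are constructed placeholders. The certutil import line assumes that switch is present on this build; the Certificates MMC snap-in does the same import if it is not.

```batch
@echo off
rem Added example, not from the thread or the linked guides. Paths below are
rem constructed placeholders. Steps 1-3 are run as the local Administrator,
rem EXCEPT cipher /u, which must be run by the user who encrypted the files.

rem 1. Generate a recovery agent certificate (dra.cer) and its private key
rem    (dra.pfx). cipher /r prompts for a password that protects the .pfx;
rem    keep that .pfx off the server, it is the recovery key for everything.
cipher /r:C:\DRA\dra

rem    Add C:\DRA\dra.cer as a recovery agent under Public Key Policies >
rem    Encrypting File System (Local Security Policy), then refresh policy.
gpupdate /force

rem 2. Why the DRA still sees "access is denied": a file encrypted BEFORE the
rem    agent was added carries no recovery field for it. cipher /u rewrites the
rem    EFS metadata of every encrypted file it can open with the current user
rem    key and the current recovery agent keys, so run it as the owner of the
rem    files (the account that encrypted them), not as the recovery agent.
cipher /u

rem 3. Verify: /c lists the users and the recovery agents able to decrypt
rem    a given file. The new DRA should now appear for an updated file.
cipher /c D:\UserData\secret.doc

rem 4. Per-user alternative from the last post: back up your own EFS
rem    certificate and private key (cipher /x writes mykey.pfx, password
rem    protected), then import it into the replacement account. The
rem    certutil switch is an assumption for this build; the Certificates
rem    MMC snap-in (Import) is the fallback.
cipher /x:C:\Backup\mykey
rem certutil -user -importpfx C:\Backup\mykey.pfx
```

Usage note: the backed-up pfx covers only the files that account encrypted, so it is sufficient for a single user as scar reasons, while the recovery agent is what lets an administrator recover other users' files after those users' keys are gone. Either way, a recovery key must be present in a file's metadata at encryption time or added afterwards with cipher /u; adding the agent in policy alone does not reach back to files already on disk.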