Messed up premissions on storage drive

[KeypoX]

I just reinstalled and it seems my D drive that has all my data, and i use for my docs, etc. Has lost ownership i guess. First noticed because FF wouldnt download to it, to my downloads folder. Next tried to extract something on the D and it wouldnt work.

I can delete but have to hit continue, on the prompt that says it needs administrator access.

I figure the permissions got messed up somehow, this has never happen before though...

Before i start messing with the permissions i wanted to see what you guys think.

 

[KeypoX]

well i got impatient and tried these commands in elevated command prompt
takeown /f D:\ /r /d y
icacls D:\ /grant administrators:F /t

which did not help. God this is so fucking annoying.

EDit: maybe it did work.

EDIT: It seems it might have worked, just took a few minutes AFTER both tasks were completed. Very weird, though maybe because i adjusted UAC. I dont care as long as it works, damn that was super annoying.

 

[KeypoX]

never mind didnt work still need to hit continue to delete files. And cannot extract with winrar, i get access is denied. This really sucks, would reinstalling fix this?

 

[KeypoX]

i think its fixed again, so annoying. I never had this problem with vista or any of the 7 betas, or RTM home premium. Is there something special about pro?

Ok it seems that if i completely turn off UAC, i can do anything on the D drive. However at any on settings i have to confirm to create or delete. Rendering programs useless that try to do this. I guess im stuck with turning UAC off ???

 

[RebateMonger]

If you look a the Advanced Security settings for your "problem" folders, what does it show for the "Effective Permissions" for the account that you use on your "new" computer?

 

[KeypoX]

Originally posted by: RebateMonger
If you look a the Advanced Security settings for your "problem" folders, what does it show for the "Effective Permissions" for the account that you use on your "new" computer?

full control. Everything checked for my main user, who is an admin. '

 

[KeypoX]

Whats weird though is under security tab, there is two users called

Account Unknown(S-1-5-21-xxxxxxxxxx-xxxxxxxxxxxx)

with different numbers on the x's. And they both have full control. Should i remove them.

I installed with the iso from msdnaa. I knew i should have used my trusty leaked RTM. But that couldnt really be an issue.

 

[RebateMonger]

Those unknown accounts are from your old system. Since those accounts no longer exist in your new system, they are of no value. When you re-install Windows, all the User ID numbers are different from the old system. Having them there neither hurts nor helps your problem.

 

[KeypoX]

Originally posted by: RebateMonger
Those unknown accounts are from your old system. Since those accounts no longer exist in your new system, they are of no value. When you re-install Windows, all the User ID numbers are different from the old system. Having them there neither hurts nor helps your problem.

yeah thats what i figured. i have never had a permissions problem like this... I just install and permissions are good.

Shouldnt windows set permissions during install? What would cause it not to?


Everything is fine btw with UAC disabled but i feel exposed. And the new UAC for windows 7 is very non intrusive but i can't use it. (Didnt use it in vista)

 

[KeypoX]

If reinstall would fix this i could do that. As its pretty much a fresh install. It couldnt possibly be caused from using MSDNAA iso could it? I deleted leaked rtm isos.

 

[RebateMonger]

I'm not sure what's causing it. Offhand, I don't think a re-install of W7 will help.

I don't think you said what version of Win7 you are using, and I haven't looked at anything but Ultimate, but I doubt it will make any difference. I THINK that all versions of Win7 have the same GUI Security options.

Instead of using the command line stuff (which I've never used), what about using the GUI and resetting the ownership and permissions one more time? Maybe the command lines weren't quite correct.

Right-click on the entire D: drive. Select the Properties. Then select Security tab.

Go to the "Advanced" settings.

Take ownership of the drive, giving it to your current account.

Select the "Permissions" tab (still in the Advanced settings) and choose your current account and give it "Full Control". Be sure to check the box, "Replace all existing inheritable permissions on all decendents with inheritable properties from this object".

Save all your changes and reboot the computer or log out/log in - Important: The changes won't be in effect for you until you reboot (or log on/log off)!

Hopefully you remembered to log off/log in during your previous attempts to reset permissions. You only get your new access rights AFTER you've logged back in.

 

[KeypoX]

Originally posted by: RebateMonger
I'm not sure what's causing it. Offhand, I don't think a re-install of W7 will help.

I don't think you said what version of Win7 you are using, and I haven't looked at anything but Ultimate, but I doubt it will make any difference. I THINK that all versions of Win7 have the same GUI Security options.

Instead of using the command line stuff (which I've never used), what about using the GUI and resetting the ownership and permissions one more time? Maybe the command lines weren't quite correct.

Right-click on the entire D: drive. Select the Properties. Then select Security tab.

Go to the "Advanced" settings.

Take ownership of the drive, giving it to your current account.

Select the "Permissions" tab (still in the Advanced settings) and choose your current account and give it "Full Control". Be sure to check the box, "Replace all existing inheritable permissions on all decendents with inheritable properties from this object".

Save all your changes and reboot the computer or log out/log in - Important: The changes won't be in effect for you until you reboot (or log on/log off)!

Hopefully you remembered to log off/log in during your previous attempts to reset permissions. You only get your new access rights AFTER you've logged back in.

I did reinstall and it didnt help. (Gonna try again)

On the permissions my account isnt specifically mentioned. But administrators is listed, which current user is part of.

 

[KeypoX]

before i completely lose my mind tell me this isnt supposed to be default behavior. Running pro btw.

 

[KeypoX]

thanks man, changing the permissions and checking the box about subobjects. Has mostly fixed the problem.

Jezz that was annoying, sucks i reinstalled, but im quick and have all the stuff I install saved on this D drive lol.

Im still curious why this never happen with vista (10plus installs), 7 (beta, RC, RTM Ulti, RTM home prem). Becuase i have had this same set up for years.

Edit: Hmm seems the problem came back and set the main folder as read only... undoing that. I think i can figure everything out, it just really pissing me off. Dunno how this main folder (400+GB) got set as read only.

Edit2: When applying permissions to D: it only applied it to D:\games, but there are other Dirs. So i had to apply to the four other dirs at root of D. Very weird. Annoying and pissing me off. Felt like i was using linux/mac.

 

[RebateMonger]

Moving drives from one PC to another can present various complications. But, as far as W7, I just tried something and the result surprised me:

I have a 1 TB disk attached to a Server 2008 via an eSATA connection. The Server 2008 is a standalone machine, not on a Domain.

Using the "Administrator" account on the Server 2008, I'd copied many Gigabytes of data to the drive. When I checked Security permissions, I found the "typical" settings of Full Control for the Administrator and for System, and limited rights for "Users".

I put the disk in a SATA-to-USB adapter and hooked it to a W7 RC box. That W7 box is a member of a Domain, but it has NO idea of any of the accounts on the standalone Server 2008 box.

I then examined the Security Permissions. Surprisingly NONE of the "old" accounts are listed. Only accounts from the W7 box are shown:

Administrators (new machine) - Full Control
Creator/Owner - None
Users (new machine) - Limited Rights
System - Full Control

So, for W7 RC, moving a disk from one machine and putting it into another (via USB) gives Full Control to Administrators and limited rights (read and execute) to Users. Ownership is listed as "Administrators" in the Advanced Security panel.

 

[KeypoX]

Originally posted by: RebateMonger
Moving drives from one PC to another can present various complications. But, as far as W7, I just tried something and the result surprised me:

I have a 1 TB disk attached to a Server 2008 via an eSATA connection. The Server 2008 is a standalone machine, not on a Domain.

Using the "Administrator" account on the Server 2008, I'd copied many Gigabytes of data to the drive. When I checked Security permissions, I found the "typical" settings of Full Control for the Administrator and for System, and limited rights for "Users".

I put the disk in a SATA-to-USB adapter and hooked it to a W7 RC box. That W7 box is a member of a Domain, but it has NO idea of any of the accounts on the standalone Server 2008 box.

I then examined the Security Permissions. Surprisingly NONE of the "old" accounts are listed. Only accounts from the W7 box are shown:

Administrators (new machine) - Full Control
Creator/Owner - None
Users (new machine) - Limited Rights
System - Full Control

So, for W7 RC, moving a disk from one machine and putting it into another (via USB) gives Full Control to Administrators and limited rights (read and execute) to Users. Ownership is listed as "Administrators" in the Advanced Security panel.

Yeah same as when i installed this pro. That means your current user wont be able to create folders or delete stuff without giving admin access. Also programs like FF and IE cannot download to that drive.

I guess this is default behavior but i never experienced this before.

 

[RebateMonger]

I did some more testing.

I had a new Domain account log into the W7 computer. That account was, by default, a "User" and not a member of the "Administrators" group.

I found that the new account could create NEW folders on the USB drive and could read existing files, but could not delete existing files. Basically, since the new account had no special rights to that USB drive, he/she could not do anything that would change existing data, but could freely ADD files and folders. This is typical behavior for most folders on a Windows desktop or server.

Using my (Administrator) account, I gave the new user MODIFY rights to one of the existing folders. I got a strange error message, but the change DID seem to take effect. My new user can now delete files that were already on the disk or were subsequently added by another user.

So if you want a new user to have rights to the ENTIRE disk, you should just have to go into the Security properties of the disk and add "Modify" or "Full Control" rights to the entire disk, making sure you propagate the changes to the lower level folders, too. Otherwise, go through the folder list and change the Security properties of the individual folders, allowing downward inheritance when appropriate.

I just did that with my USB drive, giving "Modify" permissions to the new user on the entire drive, and it worked fine. The new User can now delete everything on the drive.

The behavior I'm seeing doesn't seem different than what I'd expect from XP Professional, except for that one error I got (saying that my account, which is a member of "Administrators", doesn't have permission to add Security rights for a folder, but it seemed to work anyway.)

 

[KeypoX]

thanks for the help man. I think i got it all setup mostly right. The main problem was that trying to apply permissions to D:\, IE Right clicking on D:, it wasnt applying to all folders like it should have.

I think i got it worked out though. Actually this could be a bug... D is 900GB and when i applied permissiosn to (All files and folders) it only did, D's root, and the D:\games. But didnt continue on to D:\DL, D:\docs, etc. So, when just changing in D:\ i was chaning permissions and then testing by going to D:\dl\news and then trying to create folders and delete folders and it wouldnt work.

 

[RebateMonger]

I have 650 GB on my USB drive. After changing the permissions for the whole drive, I went down five levels and deleted files using my new user, so it seemed to work OK for me.

Best of luck.

 

[ImDonly1]

Didn't read the whole thread but, if you right click the folders/files lets say in the main drive D: (one by one). Then go to properties, then the security tab, at the bottom click advanced. In the advanced window click owner at the top. Under owner click edit and select your username. Make sure to also check the box for "replace owner on subconainers and objects." Click OK and you should have full access to the drive/folder. You can now also delete the "unknown" or old account if you want to from the security tab and add your username and the Administrators group or whatever the default groups are and assign controls to them.

I guess you can just right-click on the drive itself and set the owner info also instead of clicking on each folder separately in the root of the drive (if you have lots of folders/files).

 

[KeypoX]

Originally posted by: ImDonly1
Didn't read the whole thread but, if you right click the folders/files lets say in the main drive D: (one by one). Then go to properties, then the security tab, at the bottom click advanced. In the advanced window click owner at the top. Under owner click edit and select your username. Make sure to also check the box for "replace owner on subconainers and objects." Click OK and you should have full access to the drive/folder. You can now also delete the "unknown" or old account if you want to from the security tab and add your username and the Administrators group or whatever the default groups are and assign controls to them.

I guess you can just right-click on the drive itself and set the owner info also instead of clicking on each folder separately in the root of the drive (if you have lots of folders/files).

yep ownership did cascade down from D:, but permissions did not apply to all subfolders, it only applied ot D: root, and D:\games.

Very weird, maybe a bug? But i got it all worked out finally. I think...

 

[Raincity]

I ran into the same problem importing my all documents and pics off a CD from my previous XP install. I had to copy each file one by one and change the permisions to get acces to them.

 

[ImDonly1]

Originally posted by: KeypoX

Originally posted by: ImDonly1
Didn't read the whole thread but, if you right click the folders/files lets say in the main drive D: (one by one). Then go to properties, then the security tab, at the bottom click advanced. In the advanced window click owner at the top. Under owner click edit and select your username. Make sure to also check the box for "replace owner on subconainers and objects." Click OK and you should have full access to the drive/folder. You can now also delete the "unknown" or old account if you want to from the security tab and add your username and the Administrators group or whatever the default groups are and assign controls to them.

I guess you can just right-click on the drive itself and set the owner info also instead of clicking on each folder separately in the root of the drive (if you have lots of folders/files).

yep ownership did cascade down from D:, but permissions did not apply to all subfolders, it only applied ot D: root, and D:\games.

Very weird, maybe a bug? But i got it all worked out finally. I think...

The "replace owner on subcontainers and objects" should have done all subfolders and such, no?

 

[KeypoX]

Originally posted by: ImDonly1

Originally posted by: KeypoX

Originally posted by: ImDonly1
Didn't read the whole thread but, if you right click the folders/files lets say in the main drive D: (one by one). Then go to properties, then the security tab, at the bottom click advanced. In the advanced window click owner at the top. Under owner click edit and select your username. Make sure to also check the box for "replace owner on subconainers and objects." Click OK and you should have full access to the drive/folder. You can now also delete the "unknown" or old account if you want to from the security tab and add your username and the Administrators group or whatever the default groups are and assign controls to them.

I guess you can just right-click on the drive itself and set the owner info also instead of clicking on each folder separately in the root of the drive (if you have lots of folders/files).

yep ownership did cascade down from D:, but permissions did not apply to all subfolders, it only applied ot D: root, and D:\games.

Very weird, maybe a bug? But i got it all worked out finally. I think...

The "replace owner on subcontainers and objects" should have done all subfolders and such, no?

yes it did replace owner but that doesnt change permissions. Permissions are a bitch and over all these years with windows, since 311, i have never had to deal with permission non sense. Prob because i always ran as an admin, and with vista i turned off uac.

Linux/mac is another story lol.

 

[WildViper]

I have the same f'in problem. I moved from XP Pro with a Squeky Clean install of Win 7 Ultimate x86.

I have lots of drives on my system where I store my pictures, my videos, my music and so on.

Few of the folders had the owner as (S-1-whatever) and I took ownership of all. BUT, as keypoX said, that DID NOT change the permissions to all subfolders and in my case to even certain files.

I was trying to use Allway sync and ensure my data was backed up and it seems that this was throwing it off. So I looked into it and I just can't get the permissions to go through to all subfolders. Only works at top level folder and then I have to go in one by one to change permissions.

Any way around this??? I have not disabled UAC. Please note that disabling the UAC apparently has no effect on the permissions.

This is a BUG! If I take Full ownership..I am Full Admin...I change Permission on top-level folder...it should propogate through to all subfolders and files!!!!! Come on MSFT, fix this.