senorsnor
asked on
[W2K3] CHKDSK reset all file permissions
Last friday I rebooted one of our servers. When it came up, it ran checkdisk, but then chkdsk said "Replacing invalid security id with default security" and it did just that: on one of the disks it replaced ALL file permissions with default permissions (so only Administrators and system had access to the files). We had to reset the file permissions by hand.
Searching for a reason for this I found http://support.microsoft.com/default.aspx?scid=kb;en-us;831374 (The CHKDSK utility incorrectly identifies and deletes in-use security descriptors), which describes that this can happen when a volume contains over 4,194,303 files, and/or the Master File Table on the volume is over 4 GB in size. However, if I understand it correctly, it would only reset permissions for the files after 4,194,303, so the first 4,194,303 file permissions would remain intact. Same for the MFT: only files whose entry is "after" 4 GB in the MFT would be reset, the rest of the permissions should remain intact. However, in my situation, the permissions on all files were changed. The disk contains some 900.000 files.
Another article I found describes my problem better: http://support.microsoft.com/?kbid=873437. Here a bug in chkdsk is described where permissions on all files on a volume would be reset to default permissions, however, this article applies to Windows 2000 Server only and I'm running Windows Server 2003. The problem has been fixed in servicepack 4 so I guess it should be solved in Windows Server 2003 as well. I haven't been able to find a 2003-version of this article.
I'm wondering, since none of these articles accurately describe my problem, if one of 'm could apply to my situation, or if anyone knows another reason why checkdisk reset all permissions?
Searching for a reason for this I found http://support.microsoft.com/default.aspx?scid=kb;en-us;831374 (The CHKDSK utility incorrectly identifies and deletes in-use security descriptors), which describes that this can happen when a volume contains over 4,194,303 files, and/or the Master File Table on the volume is over 4 GB in size. However, if I understand it correctly, it would only reset permissions for the files after 4,194,303, so the first 4,194,303 file permissions would remain intact. Same for the MFT: only files whose entry is "after" 4 GB in the MFT would be reset, the rest of the permissions should remain intact. However, in my situation, the permissions on all files were changed. The disk contains some 900.000 files.
Another article I found describes my problem better: http://support.microsoft.com/?kbid=873437. Here a bug in chkdsk is described where permissions on all files on a volume would be reset to default permissions, however, this article applies to Windows 2000 Server only and I'm running Windows Server 2003. The problem has been fixed in servicepack 4 so I guess it should be solved in Windows Server 2003 as well. I haven't been able to find a 2003-version of this article.
I'm wondering, since none of these articles accurately describe my problem, if one of 'm could apply to my situation, or if anyone knows another reason why checkdisk reset all permissions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.