NTFS Permissions disappear/reset overnight on WIN 2000 Server

Posted on 2005-03-10
Medium Priority
Last Modified: 2012-06-27
I am running WIN 2000 AD and on one of my servers I have added permissions to a folder
(C:\Program Files\Blue Ocean Software) and then the next morning they disappear. I created and added a global group and gave it Full Control, I clicked on advanced and chose both "Inherit from parent...” and "Replace permissions entries on all child...". This has been happening for 3 weeks, every day I add the group and the next mooring the permissions I added the day before are gone. This also happens if I add individual user accounts so it is not specific to the Global Group. The server is Windows 2000 with SP4 and it is running SQL 2000 and Project Server 2003 as well. Nothing out of the ordinary in the event logs. I called the Blue Ocean Software vendor and they have no idea what is happening.
Question by:BOS1028TIM
  • 2
LVL 12

Accepted Solution

GinEric earned 1000 total points
ID: 13508930
You added a group, but did you set the permissions on the Directory structures themselves?

Two ways for permissions to disappear; system restore, and a hacker.

If you run eventviewer and log for security changes, you will see exactly what changed the permissions, even if it was the system.  The only way you won't see them is if someone has purposefully deleted the log entries.

Inherit permissions is fine, if the permissions are already set, but if their not, reversion to the permissions that existed at the time of the creation of the folder will apply at some time when the folder is either replicated or restored.  Your server could be replicating from some other server, or machine, from a backup, from a restore point.

Setting the Group Permissions is not enough, you also have to set the physical outermost directory permissions.

It gets tricky too because if

C:\Program Files\Blue Ocean Software

belongs to the Group, its ownership may conflict with the software's internal ownership, and if

C:\Program Files\

belongs to System, if may not like permissions below it and change them.

The methods to fix this are plenteous.  One of the things we do is to not use

C:\Program Files\

for installing software, instead, we create our own structure:


Install software where we can find it quickly:


and so on, so that Blue Ocean Software might be found under:

C:\Programs\A-D\Blue Ocean Software

But at install, we change that to:


to avoid white space directory problems, which inevitably come up.

This has a three-fold security measure built in:

1.)  hackers don't know where programs are
2.)  We can quickly find and remove a program if necessary.
3.)  Permissions are set at Directory creation time, whereupon they are inherited from that structure; we change that of course, but if we install under Group, there's no need to usually.

For what it's worth.
LVL 12

Expert Comment

ID: 13570420
Did you fix this yet?

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question