sbs 2008 permissions on program files directory

Posted on 2009-02-18
Last Modified: 2012-05-06
Here is another challenge for up and coming sbs 2008 experts....

why can I not change permissions on program files directory?

The scenario is this ... we have been using (on our old sbs 2003) server a program called Policy Manager, which manages policies (of all things?!) and provides a web based service via IIS (with sql or mysql as db) to write, edit and view workplace policies.

SO, it comes time to install policy manager on my flash new sbs 2008 premium box. BUT I keep getting http 503 service unavailable errors. The web component of Policy Manager simply will not work.

This appears to be a permissions error. What is required is for Network Service to have modify permissions to the Policy Manager directory, however whilst I can change permissions on the Policy Manager directory itself, and (whilst not adviseable) change permissions on root c: drive, I can NOT change permissions on the  on Program Files (x86) directory ... which therefore (i am guessing) interrupts the permissions pathway and does not allow the application to run. As an alternative I have tried mappign an network share directly to the policy manager directory ... but that has not worked either.

I have the Policy manager vendor working on the problem from their end BUT I thought I would post here to see if this is a specific SBS problem. Apparently they don't see the same behaviour happening on Server 2008.

The potential implication for any 3rd party software application is potentially this ... If any alternative permissions are required on Program Files (x86) directory for the application to run THEN SBS 2008 is not the box to run it on.


any thoughts on a work around for this?

Question by:betterlifedirections
    LVL 23

    Assisted Solution

    I am not using SBS2008 but I couldn't believe you (if logon as Domain Admin) can't change permission on any folder. Have you unchecked the "inherit permission...." box or simply "replace permissioin on all child objects...." in the Advance tab?
    LVL 38

    Assisted Solution

    by:Philip Elder
    Change the location the program files are installed to. You WILL run into permissions problems with legacy applications on Win2K8 in general and SBS 08 specifically.

    Install to a root folder with the requisite permissions and see if that works.

    LVL 38

    Accepted Solution

    BTW, permissions are location specific ... I.E. the permissions on a particular folder will cause things to work.

    The problem may be that SBS has security set up in such a way that you need to elevate (UAC) for all permissions related changes such as launching a console that can change things, install a printer, etc.

    Win2K8 does not necessarily do so depending on how it is set up.


    Author Comment

    Thanks for your input Phillip and ormerodrutter.

    I was logged in as Administrator when trying to do the above. I suggest you try it on your own machine. Got to Program Files (x86) and try to add Network Service as a User to permissions, and just for fun try to give them Modify permissions.

    Phillip, I will try to install to a root directory and see if that makes a difference. Setting the program directory as a share and pointing IIS to that share didn't make a difference however.

    I will also have a look and see if I can see anything relating to UAC on permission changes ... although this is now starting to get a little beyond my knowledge as to where to start looking for this.

    Author Comment

    Hi all,

    none of the above worked. As we have SBS 2008 premium I was able to virtualise, and are now running an instance of SBS2008 as my domain controller, and a seperate instance of server 2008, which is now running the software I needed, although I did need to play with the permissions a bit.

    Author Closing Comment

    Thanks guys. SOrry about the slow close.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
    If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
    This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
    This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now