Link to home
Start Free TrialLog in
Avatar of DWStovall
DWStovallFlag for United States of America

asked on

How do I restore security on secondary server drive?

PROBLEM:  When I (as a Domain Admin) try to access the files on the D: partition of the file server, from within the file server console, I get a warning: "You don't currently have permission to access this folder...Click Continue to get access to this folder."  Then, when I click on the folder, I can gain access.  If I try to access my files, through the network, using my non-Admin logon, I can access the files without any warning.

It seems as though the "Administrators" group (which contains the Domain Admins) has a permissions issue because it was restored from a previous OS installation.

How can I correct it?

Please read the background information below to get a better understanding.

BACKGROUND:  I decided to rebuild our File Server, upgrading from Server 2003 to Server 2008.  The OS was on the C: drive and the corporate files were on a separate volume (the D: drive).  During the upgrade I wanted to wipe the C: drive and keep the D: drive intact.

We had many "shares" on the old file server (example: \\Svr12\Accounting, \\Svr12\Office,  \\Svr12\Public), and since I was planning to do a clean install of Server 2008, I didn't want to lose all of the shares for the D: drive.  So, I copied the share data from two registry keys:
  - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Shares
  - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Shares\Security

Then I wiped the C: drive and installed Server 2008.  Once installed, I restored the data from the two registry keys - when I did, all of the file shares and all of the files on the D: drive were accessible to the network clients.

When I logged into the console as a Domain Admin, I received a warning saying that I didn't have access; however, when I clicked "Continue," I could access the folder.  When I try to access files as an ordinary user, from a client work station, I don't get any warning.

Avatar of marcokrecic
marcokrecic
Flag of Italy image

Re-apply NTFS permissions on the affected disk,folders and subfolders and resolve the issue.
Avatar of Darius Ghassem
Most likley the files weren't Owned by the Admin. Look at the permissions to see if the Domain Admin group has permissions.
Like Domain admin you take the ownership and re-apply permissions
Avatar of DWStovall

ASKER

This seems like something I should know how to do, but I am confused about a couple of issues.  

- The volume in question is the entire D: drive on our corporate file server (4TB of files).

- Do I want to take ownership of every file on the volume?  Would that affect anything else?

- Specifically, how would I "reapply permissions"?

Thanks...
Dariusq:

In the attachments:

 - Picture1.gif          - shows what I see when I first try to access a folder.
 - FolderSec1.gif     - shows the Security tab when I click on Properties for the folder
 - FolderSec2.gif     - shows the Permissions tab when I click on Advanced
 - FolderSec3.gif     - shows the Owner tab when I click on Advanced

Hope this helps.
Picture1.gif
FolderSec1.gif
FolderSec2.gif
FolderSec3.gif
You can take ownership of the files but depending if these are profiles or not if they are just files then you should be ok.
ASKER CERTIFIED SOLUTION
Avatar of DWStovall
DWStovall
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial