Solved

Server 2008 R2 UAC: can't get accurate folder sizes

Posted on 2013-01-23
3
970 Views
Last Modified: 2013-02-22
I have Server 2008 R2 running as a file server. Logged in as a domain admin, I right-click the top level file folder and select "properties." It tells me the numbers of files and folders contained, and says it is taking up 10GB on disk. I know there is at least a TB stored in the folder by looking at the volume info listed in My Computer.  

It seems Server 2008 R2 limits what it reports based on UAC. Several times I have tried to open the sub-folders in that main folder and get the prompt: "You don't have permission to access this folder. Click continue to permanently get access to this folder." Once I have access to that folder, it will then include those contents in the totals when right-clicking it and asking for properties.

I have disabled the feature in secpol.msc. I have dropped the slider in control panel to "never notify", and I even looked in the tools tab of msconfig. Even after reboots, I still get those messages and I can't do things as simple as seeing how much data is stored in a folder. Foolish configuration by MS.

How do I tun this feature off entirely?
0
Comment
Question by:Ad-Apex
  • 2
3 Comments
 
LVL 28

Expert Comment

by:Ryan McCauley
ID: 38813098
This isn't related to UAC, it's related to NTFS permissions on the folders SQL Server controls - be default, they don't allow anybody other than the SQL service accounts to view their contents. When you click on them and get that prompt (and click "OK" to grant permissions), you're really asking Windows to grant your user NTFS permissions on that folder so you can view the contents. Without those permissions, you can see what's in the folder and your attempt to summarize the contents won't include them.

This same thing happens if you attempt to view the size of the "Users" folder and all its subfolders - since certain folders have NTFS rights restricted for other users (so only the owner can see the contents), you values here will be incorrect as well.

You can browse manually into all these folders and grant yourself the required rights when prompted - it's a one-time thing, as SQL Server won't alter the folder permissions again to remove you - and that should show you what you want.
0
 

Author Comment

by:Ad-Apex
ID: 38813929
Well, it's not SQL server, and I have permissions on all folders. The account I am using is a member of domain admins, which is the owner of the folders as well as listed as having "read" access. So the proper permissions and ownership is there, but it does behave like you describe. First time opening prompts me to click "continue" and thereafter it works fine.
0
 
LVL 28

Accepted Solution

by:
Ryan McCauley earned 500 total points
ID: 38814224
Ah - sorry about the confusion. I was answering a number of SQL Server questions last night and I didn't notice that this one didn't have that tag :)

Even if  you're a member of domain admins, which is a local admin on each server, that still doesn't guarantee that you'll have access to every folder, as the NTFS permissions can be set any way you way - to deny access to domain admins, for example, and allow only read access to some group of service accounts that you'd never used to log in.

Since you're a local administrator, you're free to take ownership of any NTFS object, even if you don't have explicit (or implied) permissions on it already, which is why it works after you get prompted. Even though it appears you have permissions, if you're getting that prompt it means  you don't - maybe you can take a before and after screenshot of the NTFS permissions and compare them to show you what's changing.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Know what services you can and cannot, should and should not combine on your server.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question