Solved

Server 2008 R2 UAC: can't get accurate folder sizes

Posted on 2013-01-23
3
972 Views
Last Modified: 2013-02-22
I have Server 2008 R2 running as a file server. Logged in as a domain admin, I right-click the top level file folder and select "properties." It tells me the numbers of files and folders contained, and says it is taking up 10GB on disk. I know there is at least a TB stored in the folder by looking at the volume info listed in My Computer.  

It seems Server 2008 R2 limits what it reports based on UAC. Several times I have tried to open the sub-folders in that main folder and get the prompt: "You don't have permission to access this folder. Click continue to permanently get access to this folder." Once I have access to that folder, it will then include those contents in the totals when right-clicking it and asking for properties.

I have disabled the feature in secpol.msc. I have dropped the slider in control panel to "never notify", and I even looked in the tools tab of msconfig. Even after reboots, I still get those messages and I can't do things as simple as seeing how much data is stored in a folder. Foolish configuration by MS.

How do I tun this feature off entirely?
0
Comment
Question by:Ad-Apex
  • 2
3 Comments
 
LVL 28

Expert Comment

by:Ryan McCauley
ID: 38813098
This isn't related to UAC, it's related to NTFS permissions on the folders SQL Server controls - be default, they don't allow anybody other than the SQL service accounts to view their contents. When you click on them and get that prompt (and click "OK" to grant permissions), you're really asking Windows to grant your user NTFS permissions on that folder so you can view the contents. Without those permissions, you can see what's in the folder and your attempt to summarize the contents won't include them.

This same thing happens if you attempt to view the size of the "Users" folder and all its subfolders - since certain folders have NTFS rights restricted for other users (so only the owner can see the contents), you values here will be incorrect as well.

You can browse manually into all these folders and grant yourself the required rights when prompted - it's a one-time thing, as SQL Server won't alter the folder permissions again to remove you - and that should show you what you want.
0
 

Author Comment

by:Ad-Apex
ID: 38813929
Well, it's not SQL server, and I have permissions on all folders. The account I am using is a member of domain admins, which is the owner of the folders as well as listed as having "read" access. So the proper permissions and ownership is there, but it does behave like you describe. First time opening prompts me to click "continue" and thereafter it works fine.
0
 
LVL 28

Accepted Solution

by:
Ryan McCauley earned 500 total points
ID: 38814224
Ah - sorry about the confusion. I was answering a number of SQL Server questions last night and I didn't notice that this one didn't have that tag :)

Even if  you're a member of domain admins, which is a local admin on each server, that still doesn't guarantee that you'll have access to every folder, as the NTFS permissions can be set any way you way - to deny access to domain admins, for example, and allow only read access to some group of service accounts that you'd never used to log in.

Since you're a local administrator, you're free to take ownership of any NTFS object, even if you don't have explicit (or implied) permissions on it already, which is why it works after you get prompted. Even though it appears you have permissions, if you're getting that prompt it means  you don't - maybe you can take a before and after screenshot of the NTFS permissions and compare them to show you what's changing.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
what about DCpro 2 36
Windows mapped drive communications - Secure? 5 44
reboot server with scheduled time and week base 4 32
File Screening 1 13
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question