Sign in with
Sign up | Sign in
Your question
Solved

Windows 7 security permissions external HDD

Tags:
  • Hard Drives
  • Servers
  • External Hard Drive
  • Windows 7
  • Security
  • Permissions
Last response: in Windows 7
Share
March 22, 2014 4:01:31 PM

Windows 7x64 completely up to date
Drobo server

Hi,

I've stumbled into a little problem. I will list the problem in details.


  • Had windows 7 with Drobo as my server connected via USB 2.0
  • Added a friend as user to windows 7
  • Changed permissions on HDD for drobo to only allow me access
  • Reinstalled windows 7
  • Couldn't access HDD's from Drobo
  • Removed old owner S-1-5-21-2148 blah blah blah which is what it shows now
  • Gave ownership to myself
  • Changed permissions so that anyone can access
  • Installed windows 8.1, wasn't happy
  • Reinstalled windows 7 and came back to the access of HDD's problem again


  • What I'm trying to do here is make the permissions go back to normal as they were before I even touched them. When I plug the Drobo server to another computer, I don't want any permissions to be set on them. I want full access for anybody. Kinda like how it was before I touched it. How do I go about doing this? If someone helps me, this will allow me to understand permissions in windows 7 and I can change in the future and be able to make changes and revert back to normal when I want. It will be a learning experience.

    Thank you in advance!
  • More about : windows security permissions external hdd

    Best solution

    a b $ Windows 7
    March 22, 2014 4:31:09 PM

    Every file and folder on your system has security identifiers attached to them, within Windows they can be tracked back to a "friendly" name which is displayed when you look at the security settings. Hence you see "User 123" instead of the security identifier "S-1-5-21-2148...". Within Windows there are a number of Standard security identifiers for the likes of Administrator, Guest, System. There are also identifiers for the groups like Administrators (not to be confused with the account Administrator), Users, Everyone, etc.

    Anyway, when you first setup your computer your own account was created with a new security identifier and added to the Administrators group so you had total control over the computer. When you added your friend you created a new security identifier and this was added to any files you changed permissions on, up to now he would have had User access. When you formatted your system new security identifiers were created for you and you friend, the old ones were lost. This meant the new install didn't have the information to decode the security identifiers still attached to the files on your external hard drive, the result was it blocked you because it didn't know who you were.

    The best you can do with a hard drive, which isn't the OS drive, is
    1). give ownership to the administrator group
    2). give the administrator group total control
    3). give the system group total control
    4). give any other group the level of control you want them to have, this can be anything from denied up to total control
    5). try not to give individual users specific permissions as this will lead to problems if you re-install the OS or transfer the drive to another computer
    6). as you've learned, specific permissions can be bypassed by simply taking ownership and resetting the permissions
    Share
    March 24, 2014 9:36:19 AM

    pauls3743 said:
    Every file and folder on your system has security identifiers attached to them, within Windows they can be tracked back to a "friendly" name which is displayed when you look at the security settings. Hence you see "User 123" instead of the security identifier "S-1-5-21-2148...". Within Windows there are a number of Standard security identifiers for the likes of Administrator, Guest, System. There are also identifiers for the groups like Administrators (not to be confused with the account Administrator), Users, Everyone, etc.

    Anyway, when you first setup your computer your own account was created with a new security identifier and added to the Administrators group so you had total control over the computer. When you added your friend you created a new security identifier and this was added to any files you changed permissions on, up to now he would have had User access. When you formatted your system new security identifiers were created for you and you friend, the old ones were lost. This meant the new install didn't have the information to decode the security identifiers still attached to the files on your external hard drive, the result was it blocked you because it didn't know who you were.

    The best you can do with a hard drive, which isn't the OS drive, is
    1). give ownership to the administrator group
    2). give the administrator group total control
    3). give the system group total control
    4). give any other group the level of control you want them to have, this can be anything from denied up to total control
    5). try not to give individual users specific permissions as this will lead to problems if you re-install the OS or transfer the drive to another computer
    6). as you've learned, specific permissions can be bypassed by simply taking ownership and resetting the permissions


    Thank you Paul. Now I understand how it works. Always have non OS drives owned by the Administrators Group. I was giving ownership to myself instead of the group. I forgot that I am part of the group. Makes a lot of sense and very informational Paul. Thanks again!
    m
    0
    l
    !