Home > Windows Server 2003 / 2008 > NTFS Volume Mount Points & List folder permissions

NTFS Volume Mount Points & List folder permissions

Last week I was troubleshooting NTFS permissions on mounted volumes.  Users were able to browse on a non-mounted directory but not on a  mounted Directory with the same permissions. So I was facing an issue with list folder permission on Mounted volumes.

Fore example:
Users1 is the non-mounted volume and users2 is the mounted volume.

With the command “mountvol” you can quickly view which volumes are mounted to folders like the example below.

Command mountvol example:

Permission overview Volumes & Folders:

Like you can see are all the permissions on the mounted volume and the non-mounted are volume the same! So why was a normal user not able to browse the mounted volumes? I figured out that the “list folder” was working on the mounted volumes when I selected “read attributes” on the volume itself. But why was this option required on mounted volumes?

I installed the tool “tweak file” to view all the folder Attributes and yes the “mounted folder users” had an special attribute REPARSE POINT which holds the mount point. Now I can conclude that “Read Attributes” is always required on mounted volumes to list the the contents in the “Mounted volume link folder”.

Attributes of a Normal Folder:

Attributes of a Mounted Volume Folder:

What happens with the permissions if you create a new volume? For example you create a new “volume mount point” Users3 under root volume E:/.

  1. Create an empty folder Users3 under the root folder.
  2. Initialize disk and format the volume in Disk Management.
  3. Mount the new Volume to the empty folder Users3.

In step one will the empty folder inherit permissions from the Root volume E:/ In step two will the volume receive the standard permissions from the OS like you create another volume and assign a drive letter. So the “mounted volume” itself will not receive the permissions from the root volume E:/. If we change permissions on the root volume E:/ it will not propagate across the underlying volumes but it will propagate to the underlying “Mounted volume link folders” like Users3.

It’s interesting to know that the permission “read attributes” is required on mounted volumes to list the folder contents. I could not find any info about this issue on the Internet. I would like to share my experience with permissions & Mounted volumes. Permissions on Root volume, mounted volume, mounted volume link folders could get confusing when you need to troubleshoot the permissions.

Advertisements
  1. May 14, 2011 at 11:49 am

    I can’t seem to look at this site from my droid!

  2. Petr Kasl
    November 12, 2012 at 12:50 pm

    Thank You 1000x.
    It helps me resolve my big problem.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: