Problem with security permissions

Andrea Vironda 816 Reputation points
2021-04-03T17:01:44.073+00:00

Hi everyone!
i'm having a trouble with accessing some files. This morning i made a back-up from my company PC to an USB HDD. We use a workgroup and we access via users managed by a server.

This afternoon i tryed to access the files from my computer at home, and I noticed I was asked to acknwledge i'm an administrator simply to access the folder in my USB HDD.

Then i noticed strange security settings on certain files: 84224-screenshot-2021-04-03-185328.jpg

On other older files I don't have any trouble entering: 84245-screenshot-2021-04-03-185901.jpg

I can't understand this behavior. We changed our server last week and new files seems to be protected in some way.
Can you kindly help me?

Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,266 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,717 questions
0 comments
Accepted answer
  1. MotoX80 31,561 Reputation points
    2021-04-06T17:13:23.217+00:00

    In the images that you posted, look at the difference in security permissions. MHTE53.indd only has one account that is allowed access. For AH30.indd in addition to your account and the unknown SID, you have what I would consider to be "normal" inherited permissions for SYSTEM and Administrators. Note the color of the check marks. A gray color is an inherited permissions. A black check is a ACL that is only on that file/folder.

    The account that has access to MHTE53.indd either got deleted from the PC that you took the screen image on, or is another local account on anther PC. The crypto malware may have also altered NTFS permissions and removed the inherited permissions.

    Permissions can easily be reset. Set the permissions that you want on the folder D:\MarketingVMS\Opuscoli\Teste. Save these commands below as a bat file, then open an admin command prompt and run the .bat file. You should then be able to access all files. 

    set badfolder="D:\MarketingVMS\Opuscoli\Teste"
takeown /d Y /a /r /f %badfolder%
icacls %badfolder% /reset /t 
icacls %badfolder% /verify /t

    You should also check the permissions on the WS2019 server.

    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. MotoX80 31,561 Reputation points
    2021-04-04T19:27:35.427+00:00

    That's just the SID of a local user or group from the other PC. If it's not a well known SID or an Active Directory account then your PC does not know who it is.

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/security-identifiers-in-windows

    Open a command prompt and run "whoami /user". 

    C:\Temp>whoami /user  
  
USER INFORMATION  
----------------  
  
User Name      SID  
============== =============================================  
slick\testuser S-1-5-21-3320722524-193523071-2819253668-1018

    If I grant that account some permissions on a USB HDD and then plug that drive into another PC, even though that PC might also have an account named testuser, it won't know what account S-1-5-21-3320722524-193523071-2819253668-1018 is.

  2. Grace HE 1,236 Reputation points
    2021-04-09T07:45:07.223+00:00

    Hi,
    Thank you for posting your query. According to your description, here are some hints for you.

    System.Security.Permissions Namespace
    https://learn.microsoft.com/en-us/dotnet/api/system.security.permissions?view=net-5.0

    Best Regards,
    Grace

    ---If the suggestions above are helpful, please ACCEPT ANSWER. Really appreciate. This will also help others with similar issue to find this post quickly. ---

    0 comments