Share via

Windows Sandbox network file share access weirdness

Shaunm001 306 Reputation points
2025-05-29T18:48:57.3133333+00:00

I'm using a custom .wsb file with a mapped folder configured as follows:

<Configuration>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>\\server\share</HostFolder>
      <SandboxFolder>C:\Users\WDAGUtilityAccount\Desktop\Temp</SandboxFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>

I have full access to the files at the HostFolder location above using my regular Windows workstation, but when accessing the same files using the Sandbox running on the same workstation, I'm only able to access some files and not others:

User's image

I have found that if I take one of these problem files, move it off the file server using my regular workstation, then copy it back to its previous location, I am then able to access the file from the Sandbox when previously I could not.

As a test, I checked the ACL permissions of one of these problem files before moving it off the file server, then I checked the permissions again after moving it off and copying it back, and the permissions are identical (unchanged from before and after being moved):

User's image In screenshots above, I was unable to access the file from the Sandbox before moving it off the file server, and was only able to access it after copying it back to the server, even though the ACL permissions are unchanged before the move and after.

Looking for some ideas/suggestions as to what is happening here?

Windows for business Windows Client for IT Pros Networking Network connectivity and file sharing
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Mi Joe 0 Reputation points
    2025-06-03T03:19:04.2366667+00:00

    Try the following checks before and after moving/copying:

    1. Check File Attributes
    attrib "\\server\share\problemfile"

    Look for unusual flags like O (offline), E (encrypted), C (compressed), etc.

    1. Check for Alternate Data Streams
    Get-Item -Path "\\server\share\problemfile" -Stream *

    If there are streams beyond :$DATA, note them.

    1. Check for Reparse Points
    fsutil reparsepoint query "\\server\share\problemfile"

    If this returns data, the file is a link or stub.

    1. Check Owner and Integrity 
         icacls "\\server\share\problemfile" /L /C
      Look for differences in owner, integrity, or audit sections. Bulk "Normalize" Files: Use a tool like robocopy to copy files in a way that strips unwanted metadata: 
         robocopy \\server\share \\server\share_temp /E /COPY:DAT
      Then move them back after verifying access.
      1. Remove Problematic Attributes: If you find a specific attribute causing the issue, you can clear it using PowerShell or command-line tools.
    2. Check for Reparse Points: If these are cloud/DFS stubs or links, ensure files are fully hydrated and not placeholders.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.