How to inherit user permissions to subfolders and files for mounted folders

Amit Jain 1 Reputation point
2022-06-08T11:42:38.517+00:00

We have created a mounted folder and had given it the permission via FileSystemAccessRule

FileSystemAccessRule fileSystemAccessRule = new FileSystemAccessRule(@"IIS AppPool\" + appPoolName.Trim(), FileSystemRights.FullControl,
InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow);

Now this works if the folder is normal directory. However, in case of a mounted folder it fails. Although it doesn't throw any error, it simply doesn't works.

We have tried giving the permission via ICACLS command too.
startInfo.Arguments = "/c ICACLS \""+ mountedDrive + "\" /INHERITANCE:e /GRANT \"IIS AppPool\TEST_AppPool\":(OI)(CI)(F) /T /C";
process.StartInfo = startInfo;
process.Start();

Here, in this case we are successful to add permissions to already available folders in mountedDrive, however new files or folders created does not have the same privilages. These already existing folders say's the permission is inherited from "None".

Is there something we are missing?
Do mounted folders are different from normal folders in terms of permissions?
How to make permission of mounted folder to be inherited to its subfolders?

Thanks in advance

Microsoft Graph Directory Management API
Microsoft Graph Permissions API
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,136 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Limitless Technology 37,316 Reputation points
    2022-06-09T07:47:37.787+00:00

    Hello,

    Thanks for reaching out, I xan understand you are facing issue while applying NTFS permissions on Shared folders using icacls command.

    Step 1:

    In Share folder, make sure the administrator who is executed script has Share Permission at least Read and has Full NTFS permission. Fail to set this permission will result in Access is denied.
    C:\>ICACLS "\server\Share1\Notes\Doc1" /GRANT "TestLab\TestUserAndy:M"

    Step 2 :

    To assign NTFS permission using ICACLS with Inheritance
    C:\>ICACLS "\server\Share1\Notes\Doc1" /GRANT "TestLab\TestUserAndy:(CI)(OI)M


    --If the reply was helpful, please don’t forget to upvote or accept as answer. --


  2. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,441 Reputation points Microsoft Employee
    2022-06-14T05:27:08.963+00:00

    Hi,

    In the ICACLS command, have you tried to use the volume GUID for mountedDrive like below:

    startInfo.Arguments = "/c ICACLS \""+ "\?\Volume{549cd1cf-a02a-11dd-9456-001d600c1bfd}\"+ "\" /INHERITANCE:e /GRANT \"IIS AppPool\TEST_AppPool\":(OI)(CI)(F) /T /C";

    Best regards


    If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

    No comments