Permissionless external drive with NTFS

Your external drive is formatted with the NTFS file system, which supports access restrictions.

Unfortunately, while some users and security groups are built-in to Windows with predefined Security IDs which are the same on all machines (such as Everyone), other users and groups have SIDs derived from the machine they're defined on.

To normalize the situation you should:

  1. While logged-in as Administrator, right-click the drive's root directory and select Properties.
  2. Click the Security tab, then the Advanced button.
  3. In the Advanced Security Settings dialog for the drive, click the Owner tab, then the Edit button.
  4. Click the Administrators group, check Replace owner on subcontainers and objects and click OK. If asked about replacing existing permissions with ones giving you Full Control, click Yes.
  5. Back in the Security tab and on the original Properties sheet again, click the Edit button, and in the Security dialog click Remove for all entries for all accounts listed under "Group or user names", except for the well-known ones of System, Administrators, Users and Authenticated Users.
  6. Click Add, and in the "Select Users, Computer or Groups" dialog under "Enter the object names to select", type Everyone and click OK. You should verify that Everyone has been added to the list.
  7. Click Everyone, check Full Control, then click on Apply.
  8. Click Advanced again to go back to the Advanced Security Settings dialog box and click the Change Permissions button. Check Replace permission entries on all child objects and click OK and OK.
  9. Click OK.

Be careful in the future not to allocate separate access permissions to sub-folders of the drive (leaving all permissions as inherited). If this happens again, repeat the step for "Replace permission entries on all child objects".

Be mindful of the fact that under Windows 7/8 the Guest account is not part of the Everyone group. If you need it, you'll have to add Guest as above for the Everyone group.

If you encounter problems with UAC, try using Explorer via "Run as administrator".


The example above:

takeown /f f:\ /r /d y

will assign owner to the current user. To assign owner to the administrators group add the /a option, For example:

takeown /f f:\ /a /r /d y

This will accomplish steps 1-4 of harrymc's solution.

Note that /d y is localisation dependent, with German localisation it is e.g. /D j.


takeown is the easiest tool to get rid of this braindamaged permission system.

start a cmd as administrator (right-click cmd icon, run as admin), and enter

takeown /f [root dir of drive] /r /d y

example for drive F:

c:\>takeown /f f:\ /r /d y

Tags:

Permissions

Ntfs

External Hard Drive

Recent Posts