Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Access control entries are deleted after you run the ICACLS command remotely against a UNC path with a mount point

Access control entries are deleted after you run the ICACLS command remotely against a UNC path with a mount point

View products that this article applies to.

Symptoms

Consider the following scenario:

  • On a computer that's running Windows 8 or Windows Server 2012, you create a mount point for a volume that uses the NTFS file system. For example, you format an NTFS volume and then mount it under the E:\StandardFolder\MountPoint folder.
  • You share the root directory of volume E, and you access the mount point through the \\ServerName\StandardFolder\MountPoint UNC path.
  • You run the following ICACLS command to check the access control entries to the UNC path:
    ICACLS \\ServerName\StandardFolder\MountPoint\StandardFolder


    All the entries are displayed as follows:
    ServerName\Volume-managers:(I)(OI)(CI)(F)

    BUILTIN\Administrators:(I)(OI)(CI)(F)
    NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
  • You run the following ICACLS commands to grant rights remotely to a domain account against the UNC path from a Windows 8-based computer: 
    ICACLS \\ServerName\StandardFolder\MountPoint\StandardFolder /grant domain\useraccount:(OI)(CI)RXW  
    ICACLS \\ServerName\StandardFolder\MountPoint\StandardFolder /grant domain\useraccount:(OI)(CI)(IO)M
When you run the ICACLS command to check the access control entries again in this scenario, you find that the  ServerName\Volume-managers:(I)(OI)(CI)(F) entry is deleted.

Notes 
  • The ServerName\Volume-managers is a custom local group. The group has full control on the volume that you used to create the mount point.
  • This issue does not occur when you run the ICACLS commands locally against a UNC path.  

↑ Back to the top

Workaround

To work around this issue, create a subfolder under the mount point, as follows:
\\servername\standardfolder\mountpoint\standardfolder\subfolder

↑ Back to the top

Keywords: kbprb, kbexpertiseadvanced, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 2855880
Revision : 1
Created on : 1/7/2017
Published on : 6/24/2013
Exists online : False
Views : 296