53 replies to this topic

[Dramastic]

I ran into a problem using Win7PE-SE trying to take ownership of files (In Windows Explorer, Right-Click->Properties->Security Tab->Advanced Button->Ownership Tab->Edit Button)..

This displays a dialog box with the following error:

Windows Security
-----------------------
Can't open access control editor. Invalid value for registry

As a result, I am unable to take the ownership of the files I need in order to set their permissions to make them accessible so that I can move them to another hard drive..

Any suggestions? Fixes?

[MedEvil]

You can't change permissions in Win7PESE.
Don't know, if it works in any other Win7 based PE, but i doubt it.

[homes32]

I know what your talking about and am working on a solution. stay tuned.

[RoyM]

Haven't tried these reg entries in Win7PE-SE, Might be worth a try.

Attached Files

•  takeownership.zip   622bytes   33 downloads

[Dramastic]

<sup>I've been setting permissions lots of times from Win7PE-SE - however this is the first time I seem to need to take ownership to complete the permissions changes. I have had no problems setting permissions except for the ownership issue..


I tried the takeown and icacls commands from the .reg files on the folder I am having trouble with..

..takeown says:
"Error: No mapping between account names and security IDs was done"

..and icacls makes it through some of the files, then says:
"Access denied"
on one of the files and
"..Failed processing 1 files"

so unfortunately that didn't seem to get me any further..</sup>

[RoyM]

Hi Dramastic

I assume these are "not" files within the PE?.

Please specify which ownerspermissions are currently set for these files?
Also are target systemfiles joined to a domain or workgroup
Have you changed any usernames on target systemfiles

More info needed Please.

[Dramastic]

Thanks for providing me with help on this guys...

I've figured out enough now that I can say the issues I'm having with takeown and icacls is not limited to Win7PE-SE..

The files I'm working with are on an old hard drive apparently containing Windows 2000. The current owner on the files is indeed a domain administrator, granting only that user access..

What I have just figured out is the following:

booting into the command prompt from a Windows 2008 R2 DVD and using takeown and icacls gives the same errors!

I finally began to suspect and decided to try to shorten the folder names containing the files, and now by alternately using takeown and icacls commands from those .reg files, I am slowly making some progress. Its slow going as I'm only gaining access to one or a handful of files at a time per run of the commands, but it does not appear to be an issue related to Win7PE-SE..

[Wonko the Sane]

Mind you, possibly VERY UNrelated but not much .
If you want to get access (copy the actual file contents of the files) you may want to try "direct access".
http://reboot.pro/15086/page__st__25


Wonko

[RoyM]

^{See if this will do the trick
http://www.hobeanu.c...ccessgain-tool/}

[pscEx]

I also have had a lot of troubles with orphaned mounted wims left as undeletable directories.

I solved my issue completelly with Macrium Reflect PE (unfortunatelly commercial)

Peter

[homes32]

^{See if this will do the trick
http://www.hobeanu.c...ccessgain-tool/}

probably not. it won't run in vista/win7 because its an unsigned kernel mode driver.
I made a plugin for it (win7x86/x64) awhile ago but disabling checking PITA for a PE build.

[Wonko the Sane]

I also have had a lot of troubles with orphaned mounted wims left as undeletable directories.

I don't think that orphaned directories is connected with ownership/permissions
What actually did you do with the tool you mentioned?
I think that it is similar to the manual steps you can read in this .pdf :
http://accessdata.co...Files.en_us.pdf


Wonko

[pscEx]

I don't think that orphaned directories is connected with ownership/permissions
What actually did you do with the tool you mentioned?

Maybe that my issue was a different one. I could not delete the directories even after declaring "ME" as owner and gave full access to every user.

In Macrium Reflect I used the explorer, and clicked "Delete" in the directories' context menu.

Peter

[MedEvil]

For those, who have said, that they changed permissions before in Win7PESE, please check after you think that you have done so successfully and you will see, that it didn't actually take.
Have fallen into that trap too.

[ChrisR]

See if this will do the trick
http://www.hobeanu.c...ccessgain-tool/

probably not. it won't run in vista/win7 because its an unsigned kernel mode driver.
I made a plugin for it (win7x86/x64) awhile ago but disabling checking PITA for a PE build.

I do not know if it can do the job, there is "Access Gain" script in http://gena.cwcodes.net/ (Gena\Drivers\6 Other"), see http://gena.cwcodes.net/projectindex.php. the script is compatible to pe2/3, not personally used and tested.
May be good to have a try

[homes32]

it won't run in vista/win7 because its an unsigned kernel mode driver.
I made a plugin for it (win7x86/x64) awhile ago but disabling checking PITA for a PE build.

[u2o]

I have the same problem, I can't change the file/folder owner.

It's necessary, for example to delete/clear system restore points before creating a backup (on a windows drive)... This can save about 10 GB (or more)... in the size.

Nobody could make it work?

[wimb]

Not a solution to change the permission, but ....
If you use ExplorerXP.exe portable App then you are probably allowed to do anything you want.

Delete or Copy files without having permission. http://www.explorerxp.com/


If you want to take ownership you can try to use SetACL.exe as described here
http://helgeklein.com/

[u2o]

Not a solution to change the permission, but ....
If you use ExplorerXP.exe portable App then you are probably allowed to do anything you want.

Delete or Copy files without having permission. http://www.explorerxp.com/


If you want to take ownership you can try to use SetACL.exe as described here
http://helgeklein.com/

Thanks wimb!

But ExplorerXP don't allow delete files in System Volume Information, don't shows an error message, but not delete them... as with MS-Explorer.

Anyway that isn't the solution, since the permissions are managed by the system.
In Win7PE, we only have a user "Default". I remember BartPE ... the user was "SYSTEM", it had more permissions (all permissions) that "Admin user", so... allowed everything (and too allowed change permissions and the file owner).
But I don't think the problem is the user name or permissions of the Win7PE User (Default) . The problem is the owner of the file. With another files it works...

I was trying to load the default users of Windows 7, importing multiple registry keys for HKLM\SAM and HKLM\SYSTEM, but I haven't success...
Neither do I have managed to integrate "GPEDIT" as to enable "Group Policy Editor", or at least display the users and their policies (or portion thereof).

I'm recording every RegKey call to run the editing permissions in Windows 7 and trying to see if it works ... but it will take some time ...

But anyway ... I wish edit the file permissions, with Windows File Properties, only for some files... And so avoid terrible disasters...

[MedEvil]

No matter what Win7PE claims, who the user is, unless you use a special build, it is still System like in BartPE.

[u2o]

Thanks MedEvil!

I had that doubt. I am working to recognize all keys...

[Agent47]

I can confirm that accessgain works like a charm in Win7pe x86.What i did is to mount the WIM and add accessgain service entry to the SYSTEM hive manually(via regedit-you also need to copy the accessgain.sys file to the drivers folder).After unmounting and booting it works without any problem.

[u2o]

I can confirm that accessgain works like a charm in Win7pe x86.What i did is to mount the WIM and add accessgain service entry to the SYSTEM hive manually(via regedit-you also need to copy the accessgain.sys file to the drivers folder).After unmounting and booting it works without any problem.

Hi Agent47, accessgain.sys needs a script to work in Win7PE. I couldn't make it work. Can you copy your working registry keys?

[paraglider]

Script is referenced above in post #15 ( http://gena.cwcodes.net/Projects/Gena/Drivers/6%20Other/AccessGainDrivers.script ). Works fine for me in win7pe_se. However I never need to use it - have not found any folders that cannot be accessed using the default system user of pe.

[Agent47]

For anyone interested here is the registry entries which worked for me.First you should mount the WIM file and load SYSTEM hive in the name 'WINPE'.Copy 'accgain.sys' to the system 32drivers folder(if the sys file name is different,must rename it to accgain.sys).Then apply the reg entries.For some reason accessgain works better on full explorer.Micro explorer or BSexplorer is not 100% compatible with it.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINEWINPE]

[HKEY_LOCAL_MACHINEWINPEControlSet001]

[HKEY_LOCAL_MACHINEWINPEControlSet001Control]

[HKEY_LOCAL_MACHINEWINPEControlSet001ControlGroupOrderList]

"FSFilter Activity Monitor"=hex:02,00,00,00,01,00,00,00,02,00,00,00

[HKEY_LOCAL_MACHINEWINPEControlSet001services]

[HKEY_LOCAL_MACHINEWINPEControlSet001servicesAccessGainDriver]

"Type"=dword:00000002

"Start"=dword:00000001

"ErrorControl"=dword:00000001

"Tag"=dword:00000002

"ImagePath"=hex(2):5c,00,3f,00,3f,00,5c,00,58,00,3a,00,5c,00,57,00,69,00,6e,00,

  64,00,6f,00,77,00,73,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,

  00,5c,00,64,00,72,00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,63,00,63,00,

  67,00,61,00,69,00,6e,00,2e,00,73,00,79,00,73,00,00,00

"DisplayName"="AccessGainDriver"

"Group"="FSFilter Activity Monitor"

"DependOnService"=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00

"Description"="File system access gain mini-filter driver"

[HKEY_LOCAL_MACHINEWINPEControlSet001servicesAccessGainDriverInstances]

"DefaultInstance"="AccessGain Instance"

[HKEY_LOCAL_MACHINEWINPEControlSet001servicesAccessGainDriverInstancesAccessGain Instance]

"Altitude"="370020"

"Flags"=dword:00000000

After booting in to win7pe open CMD window and type 'fltmc'.If everything is ok,you can see accessgain driver in the list.