What is happening when I click on "OK" when it prompts me if I want to give
myself rights is, ~it~ is going into every file and folder and inserting my
user id under the security tab of properties and explicitly giving me full
control. Based on what our Intel Admins have told me, I made the assumption
~it~ was UAC because they told me it was UAC asking me if I want to continue
with the operation (to simply view the folder) because I currently don't
have explicit authority, I only have implied authority by my user id being
an ~administrative~ id.
There is another product within this environment, Zylab, which I'm clueless
on but our local Intel Admins don't believe Zylab would be the cause.
The situation is very easy to recreate... all I have to do is go out to a
volume that I've never looked before (thus I won't have explicit permission
to) and double click on it to open it... at that time ~something~ tells me I
currently don't have rights do perform that operation and would I like to
give myself rights (since my id is an administrative id I have the authority
to do that) and I click "OK" and as I mentioned above, ~it~ goes in and
inserts my user id explicitly on every file/folder thus "changing" it and
tsm then backs it up next cycle.
It is also the case that it behaves this way for any/all admins and in
looking at the security tab I see a whole list of various admins explicitly
listed.
Could this be a configuration setting of UAC? (to make it put explicit
permissions on the files)
Dwight
-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of
Huebner, Andy
Sent: Thursday, October 10, 2013 4:16 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: [ADSM-L] Win2008 with UAC and backing up files that really
didn't change... kind'a
I believe you have something else happening. If that option was changing
the ACLs of millions of files you would be very aware of that happening.
"administrative" rights are not unlike sudo in Unix, you are assuming the
identity of a more powerful user.
It is not uncommon for admins here to do what you describe without the
results you describe.
Andy Huebner
-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of
Dwight Cook
Sent: Thursday, October 10, 2013 2:20 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: [ADSM-L] Win2008 with UAC and backing up files that really didn't
change... kind'a
OK, so I have a file server with 6 volumes each of 2.5 TB's and each with
1-2.5M files on them.
Under Win2008 there is this ~funk~ called UAC such that an "administrative"
id has effective permissions to everything but not really any direct
permission.
That is, if I go into this server and under explorer I click on the top
directory on one of the volumes it says "you don't have rights to view this,
do you want to grant yourself rights?" and when I click "OK" windows goes
out and gives my userid direct permissions to all subfolders and files. BUT.
that is a change to the permissions of every directory and file and next
incr backup, TSM backs up everything. yes, sometimes 2.5M files at 2.5 TB's
just because some admin clicked "OK" on giving themselves permission to view
things at the top folder level.
Is anyone else seeing this?
Dwight
|
