Hyper-V “Virtual Machines” Security Group Issue


I recently discovered that Hyper-V adds a NTFS security group permission to the parent location path where the virtual disk (vhd) are located called “Virtual Machines”. This became a issue when I placed a virtual disk on the root of a NTFS partition I was able to discover that the permission was missing but was unable to add it manually with GUI’s security settings window as “Virtual Machines” was unknown so it must be a security identifier. I was able to use the get-acl powershell command-let to read the SID which was returned as “S-1-5-83-0”.

An interesting note I couldn’t find this SID in Microsoft’s Well-known security identifiers list (kb243330).

I used the following powershell script to add the needed security right manually:

$sid=get-acl H:\

$sid.SetSecurityDescriptorSddlForm( ($sid.sddl + "(A;;FA;;;S-1-5-83-0)(A;OICIIO;0x101f01ff;;;S-1-5-83-0)") )
> set-acl H:\ -AclObject $sid

Advertisements