Note To Self: Permissions Count On Vista

For decades I’ve kept a set of “tweaks” in my head that I make to all of my machines, just after I install an OS. This includes moving certain “important” directories around my hard drive because I don’t like digging through multiple layers of directories to get to things. Somethings should be right off the root of the drive, in my opinion.

Mental note to self: permissions on these “special” directories become very, very important on Vista.

What do I move and why do I do it? Well, the why of it is simple: I like some stuff to be in some places. Think back to the days of Windows 3.1. Um, if you were born early to be there for Windows 3.1. Back then there was no concept of My Documents – that started with Windows 95 and lived to Windows XP; in Vista it’s simply Documents. However, after building up a few boxes back in the day I quickly learned that I’d be a happier mammal if I kept all of my data documents in a centralized location. Easier to back up, easier to move from machine to machine, and just a cleaner way to keep your hard drive. For me, this was C:\Data. In the Data directory I then used subdirectories to group files by EXTension.

How well did that work? Worked well enough so that every machine I built after that – for me or for other people – had a Data directory. The people I converted to use this system still thank me for it (it was a condition for me installing Windows). It worked so well that I used to fight with Windows 95 over control of My Documents versus Data. I gave up with Windows 98, when I saw that I could remap the My Documents directory to C:\Data. Best of both worlds.

What else do I move? In XP I move My Documents to C:\Data [via Properties], Desktop to C:\Desktop [via TweakUI] and Temp to C:\Temp [via per user environment variables]. Why the per-user TEMP directory? It’s default is either C:\Documents and Settings\[username]\Application Data\Temp or C:\Documents and Settings\[username]\Application Data\Microsoft\Temp. I don’t remember which because I always change this to C:\Temp. Way easier to keep an eye on it then… Why do either of the three? Ease of navigation in Explorer. And a Command Prompt. And via Network. Connect to a machine *bam* there’s the three important directories that I want.

For Vista, all of the “special” folders can be moved from within the OS’s Properties dialog, which is a nice addition. So I moved Documents to C:\Documents, Desktop to C:\Desktop, and Downloads to C:\Documents\Downloads – remember that this is a new OS, so there’s a different list of special folders. In fact, if I stayed in Explorer for all of this stuff, I wouldn’t have bothered to move these folders: the new shortcut links in Explorer make all of these folders available with one click, but that doesn’t help with the Command Prompt or via UNC paths. I also changed the environment variable for Temp again to be C:\Temp.

You know what they say about the best plans of mice… something about them getting crushed by a teapot, I think.

Oh, the OS was fine with it… it was the apps that weren’t, most pointedly, IE7. IE7 comes with a Protected Mode for web pages: it’s only allowed to write to the Temp directory. Browsing was fine, but I couldn’t print. I also discovered that if I dragged the lil icon from the address bar to the Desktop that the URL file got there but without the actual address. Odd. Very odd.

After looking into the problem – with the help of some other tech ppl – it all came down to Permissions.

When you move folders around your hard drive, they will usually inherit the permissions of the new parent. In the case of Documents, Desktop, and Downloads – all of which are User-centic directories, meaning that other users have different instances of these – they were originally located in C:\Users\[username]. From their original location, they were set to inherit the permissions of the parent folder, which is normal… Except that the permissions between C:\Users\[username] and C:\ are very, very different, especially in Vista where it’s enforced, so when I moved them, they took on attributes of a new parent. Oops. This explained why I could drag URL icons to the desktop or save HTML pages to it. Logical, if you know what to look for.

Printing? That comes down to the Temp directory which I created by hand. And new folders that are created – drum roll please – default their permissions to inherit that of the parent! To fix this – for all four directories – I first turned off the inherit flag (in the Advanced dialog) and then set the permissions to the same list I found in the C:\Users\[username] directory. Again, logical, if you know what to look for.

Since I saw nothing about this anywhere on the web – not surprising since Vista hasn’t hit store shelves yet – I wanted to jot down the story here… for storage and sharing alike.

So, you know, I know what to look for, if it happens again.


4 thoughts on “Note To Self: Permissions Count On Vista”

  1. I had a similar problem with an external hard drive. I could create folders at the root of the drive with no problem, but if I tried to put a file at the root, UAC had to ask me for permission. I went in and gave myself full permission to the root of the drive, and everything is back to normal. I’ve used NT4, Win2K and WinXP and though they all used permissions, I never had this issue come up till Vista.

  2. Well that’s because Vista is actually relying on permissions more than the other OS’s have, mostly for security reasons… very much like a Unix system, strangely enough. UAC doesn’t prevent a lot of the day to day stuff that I do, and when it does it usually asks for permissions; this was a corner case that I hadn’t seen before.

    Similarly, if you started using Parent Controls in the Games Explorer, it blocks everything about the game: icon, files, saved data, directory, etc. for an out of bounds user… all based off file permissions. If there’s a tit in the icon, your child will never see it b/c the entire thing is blocked.

    It makes sense when ya think about it but it’s something I hadn’t thought of before :)

  3. I have a problem quite similar. I had copied my old WinXP’s My Pictures folder into a spare hdd in the same PC before I upgraded it’s OS to WinVista .

    Unfortunately after the upgrade, I found that I no longer have the permission to access, view, copy or just about do anything with the old My Pictures folder still in my spare HDD. I tried to run the Inherit Ownership as suggested by some of the sites but even though the system shows my username as the owner of the folder and files, I still did not have access.

    Does anyone know how to by overcome this problem. I was able to move other documents that I backed up into this spare PC except my old photos and pictures. (sigh)

    Any help would be great. Better if you can email me directly, if you do not want to post it online here.

Leave a Reply

Your email address will not be published. Required fields are marked *