unable to replace drivers on Vista

NTDEV
1

Hi,

I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied -
You need permission to perform this action” when I rename the original
binary. I was logging in to an account with administrator privilege and
has UAC turned off. What else did I miss? Thanks in advance for
helping.

Mandy

2

Minimally, I would guess that the DACL grants write access only to
SYSTEM. WFP has either gone away or just morphed, so there may be more
stopping you after this. You can check this on the properties tab.
Whether or not replacing these is a good idea, I don’t really know in
this specific case.

From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mandy Lam
Sent: Tuesday, June 26, 2007 16:52
To: Windows System Software Devs Interest List
Subject: [ntdev] unable to replace drivers on Vista

Hi,

I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied -
You need permission to perform this action” when I rename the original
binary. I was logging in to an account with administrator privilege and
has UAC turned off. What else did I miss? Thanks in advance for
helping.

Mandy

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

3

Mandy Lam wrote:

Hi,

I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied –
You need permission to perform this action” when I rename the original
binary. I was logging in to an account with administrator privilege
and has UAC turned off. What else did I miss? Thanks in advance for
helping.

Administrator is no longer enough. The system folders are owned buy the
system account.

This “piecemeal checked” approach has never been reliable. Why don’t
you just install the whole checked build? It’d be quicker than trying
to figure out how to override the protections.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

4

Thanks for the response. I found a registry to stop WFP
from recovering the system drivers on boot up
(“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” -
SFCDisable:REG_DWORD:1) so hopefully I’ll be able to use the checked
drivers after putting them to the drivers folder.

From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Martin O’Brien
Sent: Tuesday, June 26, 2007 2:09 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] unable to replace drivers on Vista

Minimally, I would guess that the DACL grants write access only to
SYSTEM. WFP has either gone away or just morphed, so there may be more
stopping you after this. You can check this on the properties tab.
Whether or not replacing these is a good idea, I don’t really know in
this specific case.

From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mandy Lam
Sent: Tuesday, June 26, 2007 16:52
To: Windows System Software Devs Interest List
Subject: [ntdev] unable to replace drivers on Vista

Hi,

I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied -
You need permission to perform this action” when I rename the original
binary. I was logging in to an account with administrator privilege and
has UAC turned off. What else did I miss? Thanks in advance for
helping.

Mandy

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

5

I guess that’s the last I can do. Thanks.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts
Sent: Tuesday, June 26, 2007 2:17 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] unable to replace drivers on Vista

Mandy Lam wrote:

Hi,

I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied -
You need permission to perform this action” when I rename the original
binary. I was logging in to an account with administrator privilege
and has UAC turned off. What else did I miss? Thanks in advance for
helping.

Administrator is no longer enough. The system folders are owned buy the
system account.

This “piecemeal checked” approach has never been reliable. Why don’t
you just install the whole checked build? It’d be quicker than trying
to figure out how to override the protections.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

6

If you’re going to install a full checked, or even a partial for that
matter, assuming you are not tied to Vista, I would recommend using
Longhorn Beta 3. The checked build of it is much, much faster than that
of Vista, at least in my case. I have no idea of why, but it just is.

mm

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mandy Lam
Sent: Tuesday, June 26, 2007 17:33
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] unable to replace drivers on Vista

I guess that’s the last I can do. Thanks.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts
Sent: Tuesday, June 26, 2007 2:17 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] unable to replace drivers on Vista

Mandy Lam wrote:

Hi,

I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied -
You need permission to perform this action” when I rename the original
binary. I was logging in to an account with administrator privilege
and has UAC turned off. What else did I miss? Thanks in advance for
helping.

Administrator is no longer enough. The system folders are owned buy the
system account.

This “piecemeal checked” approach has never been reliable. Why don’t
you just install the whole checked build? It’d be quicker than trying
to figure out how to override the protections.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

7

UAC still exists, but it’s much changed in Vista and later OSes. The OS
files are owned by the account that the PnP service runs under, not the
administrator. If you want to replace files you only have to change their
permissions, which you can do after taking ownership of the file. Try the
following:

takeown /f filename
icacls filename /grant [domain]username

  • Jake Oshins
    Microsoft Kernel Team

“Mandy Lam” wrote in message news:xxxxx@ntdev…
Hi,
I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied - You
need permission to perform this action” when I rename the original binary.
I was logging in to an account with administrator privilege and has UAC
turned off. What else did I miss? Thanks in advance for helping.

Mandy

8

Jake,
Thanks! That works - w/ slight modifications:
takeown /f filename
icacls filename /grant [domain]username:(D,WDAC)

Mandy

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Jake Oshins
Sent: Tuesday, June 26, 2007 8:28 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] unable to replace drivers on Vista

UAC still exists, but it’s much changed in Vista and later OSes. The OS

files are owned by the account that the PnP service runs under, not the
administrator. If you want to replace files you only have to change
their
permissions, which you can do after taking ownership of the file. Try
the
following:

takeown /f filename
icacls filename /grant [domain]username

  • Jake Oshins
    Microsoft Kernel Team

“Mandy Lam” wrote in message news:xxxxx@ntdev…
Hi,
I am trying to replace a few drivers (e.g. mountmgr.sys,
volmgr.sys) with corresponding checked build versions on a Vista
installation. However I get error “Destination Folder Access Denied -
You
need permission to perform this action” when I rename the original
binary.
I was logging in to an account with administrator privilege and has UAC
turned off. What else did I miss? Thanks in advance for helping.

Mandy


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer