Skip to main content

Hyper-V copy/paste of Virtual Machine folder security problems

Have you seen this in your error logs?:

The Virtual Machines configuration 6ED5794F-DD19-46D3-8121-0880FEB592AE at 'D:\Hyper-V VM Data\VM NAME' is no longer accessible: General access denied error (0x80070005).


With Event ID: 4096 and much sadness because your VMs won't boot?

And did you move the folders that your VMs are living in to a new location but it should just work?! Well the chances are the security permissions on the files are wrong. I'm not talking about "Administrators" having all rights, but specific Virtual Machine rights.

I recently upgraded my home server with a new array of disks - a jump from 500GB of storage to 2TB. It's a modest increase, but this is a hyper-v server, not a NAS. I copied off the VMs from the old disk to an external drive and then copied them back. Oh noes! Two of my virtual Linux servers declined to start again - bastards!

So it was to the inter webs, and here, gentle reader, I hope you can find answers. If you check the permissions on the .xml configuration file for the VM you might see just the regular stuff on it. What you should also see is an entry for "NT VIRTUAL MACHINE\6ED5794F-DD19-46D3-8121-0880FEB592AE" there as well. Now in this instance the "6ED5794F-DD19-46D3-8121-0880FEB592AE" is specific to my virtual machine - you will have a different one.

It's important to note that ID. You can get it from your .xml configuration file and various other places (I find the .xml to be the easiest).

Now to fix this, open an elevated command prompt and type in the following:

icicles "path to .vhd or .xml" /grant "NT VIRTUAL MACHINE\virtual machine ID":(F) and hit enter.

You should have a return of"

processed file: "path to .vhd or .xml"
Successfully processed 1 files; Failed processing 0 files

It looks like this:


Do this for both the .vhdx (as in this case) and the .xml file. Once you go back to the Hyper-V management console, your VM should work. Otherwise, something else is b0rked and you'll need to chase it in Event Viewer!

I hope this saves someone else the half an hour of Googling that I did this morning to sort it out. Best of luck!

Comments

Popular posts from this blog

Plone - the open source Content Management System - a review

One of my clients, a non-profit, has a lot of files on it's clients. They need a way to digitally store these files, securely and with availability for certain people. They also need these files to expire and be deleted after a given length of time - usually about 7 years. These were the parameters I was given to search for a Document Management System (DMS) or more commonly a Content Management System (CMS). There are quite a lot of them, but most are designed for front facing information delivery - that is, to write something, put it up for review, have it reviewed and then published. We do not want this data published ever - and some CMS's make that a bit tricky to manage. So at the end of the day, I looked into several CMS systems that looked like they could be useful. The first one to be reviewed was OpenKM ( www.openkm.com ). It looked OK, was open source which is preferable and seemed to have solid security and publishing options. Backing up the database and upgradin

Musings on System Administration

I was reading an article discussing forensic preparation for computer systems. Some of the stuff in there I knew the general theory of, but not the specifics of how to perform. As I thought about it, it occurred to me that Systems Administration is such a vast field. There is no way I can know all of this stuff. I made a list of the software and operating systems I currently manage. They include: - Windows Server 2003, Standard and Enterprise - Exchange 2003 - Windows XP - Windows Vista - Windows 2000 - Ubuntu Linux - OpenSuSE Linux - Mac OSX (10.3 and 10.4) - Solaris 8 - SQL 2005 - Various specialised software for the transport industry I have specific knowledge on some of this, broad knowledge on all of it, and always think "There's so much I *don't* know". It gets a bit down heartening sometimes. For one thing - I have no clue about SQL 2005 and I need to make it work with another bit of software. All complicated and nothing straightforward. Irritating doesn&

elementary OS 5.1 Hera - a review and a revisit

 It's been ages since I used a desktop Linux distribution - being up to my ears in the horror of implementing ISO 27001 doesn't leave you much time to play around with computers - too busy writing policies, auditing and generally trying to improve security to a formally acceptable and risk managed level. I need a quick, small OS though to do the occasional network scan, view the contents of a dodgy file on and for general, low impact activities. I remembered reviewing elementary OS ( elementary.io ) some time ago ( see  https://www.ryv.id.au/2015/01/elementary-os-review.html ) from 2015 so I thought it was worth a revisit.  I downloaded the ISO from their website, forgoing to donation for the moment while I review it. If it turns out I'm going to keep using it, I'll send them some love. The ISO is 1.38GB in size and I booted it in a VMware Player instance. From go to whoa (I won't include the install photos here) it took about 10 minutes with a dual vCPU and 4GB of