• EN

Restore only ACL from windows files without restoring files

P
Userlevel 1
Badge 
hello, Small trick following a bad handling. The objective is to restore on a Windows file server the ACLs of the files without restoring the files.
For this we will start by opening the console restore guest files.

 

Once done, click on any file, then explore to find the path to the FLR mount.

To get the list of ACLs you can run a single command. This command will save all subfolders and files as a plain text. The text file (acl.txt) will be saved on your current user folder.
icacls c:data /save acl.txt /t /c

Where “C:data” is the FLR path, “T” is added to get all subfolders and files on that drive, and “C” allows to ignore all the access errors.

If the number of folders and files are too large, then the command will take a long time to complete its execution. At the end of execution, you will get the list of total files which is processed successfully, and the number of files which don’t get success in processing.

If you want to restore the lists, execute the following command

Icacls c: /restore acl.txt

7 comments

Chris.Childerhose
Userlevel 7
Badge +20

Thanks for sharing this tip @Philippe S - something else to add to my repo of stuff.  😋

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
Mildur
Userlevel 7
Badge +12

Hi Phillipe

 

Thank you. Might be helpful in V10 and V11.

In V12 you don‘t require that procedure anymore. We have build in a restore permission only button. :)

https://helpcenter.veeam.com/docs/backup/vsphere/guest_restore_save_vm.html?ver=120#restoring-permissions

 

Best,

Fabian

Product Management Analyst @ Veeam Software
Chris.Childerhose
Userlevel 7
Badge +20

Hi Phillipe

 

Thank you. Might be helpful in V10 and V11.

In V12 you don‘t require that procedure anymore. We have build in a restore permission only button. :)

https://helpcenter.veeam.com/docs/backup/vsphere/guest_restore_save_vm.html?ver=120#restoring-permissions

 

Best,

Fabian

Ah yes forgot this hidden little feature now.  v12 for the win!

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
Geoff Burke
Userlevel 7
Badge +22

Hi Phillipe

 

Thank you. Might be helpful in V10 and V11.

In V12 you don‘t require that procedure anymore. We have build in a restore permission only button. :)

https://helpcenter.veeam.com/docs/backup/vsphere/guest_restore_save_vm.html?ver=120#restoring-permissions

 

Best,

Fabian

Thanks Fabian I did not know this! 

VMCA2022, VMCE2023, CKA, CKAD, KCNA, LFCS, PCA,TARS
K

So, my next and perhaps obvious question is:

Does previous versions of VBR in fact store this information?

Case scenario:
Some kiddie scripted away a file servers entire ACL structure. None is documented.
Backup is performed with Veeam V9
Would I be able to upgrade to v12 and THEN perform the File Permission Only restore?

(Most genes in my body says: No!)

regnor
Userlevel 7
Badge +14

@Kilo77 As Veeam does create image based backup, the ACLs are stored within the backup files. In V12 the backup browser just has received the capability to restore permissions directly. So I would say, yes after you upgrade you'll be able to restore the permissions.

Speaking if upgrading. If you're still on v9 then you should plan to upgrade as soon as possible. Your Veeam installation is affected by some critical vulnerabilities which have been fixed in V11 and V12.

Max M. | Systems Engineer @Veeam | VMCE/VMCA | former Legend & Vanguard
K

@Kilo77As Veeam does create image based backup, the ACLs are stored within the backup files. In V12 the backup browser just has received the capability to restore permissions directly. So I would say, yes after you upgrade you'll be able to restore the permissions.

Speaking if upgrading. If you're still on v9 then you should plan to upgrade as soon as possible. Your Veeam installation is affected by some critical vulnerabilities which have been fixed in V11 and V12.

 

Hi Max,

Thank you for responding. Actually the client do run V11, but fully agree they should upgrade regardless. :)

Comment


Terms & Conditions