Acces to C:\Documents and Settings

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am the administrator, and there are no other users. I upgraded Vista from
XP. However, I cannot gain access the the C:\Document and Settings folder. It
tells me that I don't have the proper security, and yet, when I check I have
all rights to the folder.

I do have acces to My Documents, but not the C:\Documents and Settings
folder which I assume contans the My Docments folder.

Thanks

db
 
In Vista, the "\Documents and Settings" folder that is there is redirected to
"\Users" instead. I'm not sure why it doesn't automatically redirect you to the
proper folder when you attempt to access it, but I'm guessing that it has
something to do with the fact that you upgraded from XP.
 
I am the administrator, and there are no other users. I upgraded Vista from
XP. However, I cannot gain access the the C:\Document and Settings folder. It
tells me that I don't have the proper security, and yet, when I check I have
all rights to the folder.

I do have acces to My Documents, but not the C:\Documents and Settings
folder which I assume contans the My Docments folder.

Thanks

db
Click to expand...

Might need to take ownership of the files to regain access to them. The
directions in the following article are for XP but the steps are relatively
the same with Vista.

How To Take Ownership of a File or Folder
http://support.microsoft.com/default.aspx?scid=kb;en-us;308421
 
The file system security in areas like that I have found quiet annoying too.
I'm a little paranoid to make any changes to that area as in the past when I
have with XP I've managed to lock myself or system accounts out of required
areas causing even greater issues.

What I find the strangest is that my account supposedly has full access to
my own profile directory, yet it's still needing to boost my security levels?
Also, why can I not see C:\Users\%username%\Application Data at all? I need
to guess at a directory under that if I want to go further.
 
"c:\Documents and Settings" is now "c:\Users" and
"c:\Users\%username%\Application Data" is now "c:\Users\%username%\AppData".
And really, the later should be referenced as %appdata%, which goes one
level deeper into AppData where the real stuff is.

Ignore the old directories. They're there for some sort of backwards
compatibility and are just junction points to the real directories (do a dir
/ah in c:\ or your user directory to see). Hopefully they'll document what
purpose they serve now or add some more descriptive error dialog than
"Access Denied".
 
I'm willing to bet that this problem is caused simply by the fact that this
is a desktop shortcut. Delete it, and make a new one from the documents
folder in the start menu.
 
I am having the same problem. But after reading the responses to this post,
I thought I'd elaborate on it a bit, because it seems like some of the
responders might know the answer but are misunderstanding what is happening.
So forgive me if I'm wrong, but it's actually not simply an annoyance to me
but a big problem.

I use an IRC client called XChat. (Linux users and hardcores will know
about xchat.) Instead of having to go through and completely redo every
setting for this app, it saves a full day's work to simply copy over the
files which, in WinXP, are in the Docs&Sets\<user>\Application Data\Xchat2
folder to wherever the Vista equivilent is. As far as I can tell, it's in
the Users\<user>\Application Data\Xchat2 folder.

Unfortunately, even though my security level is "administrator", I cannot
even access my OWN Application Data folder. Just get the "Access Denied"
and that's it. (I can SEE it, with it's faded little coloring, smirking at
me in it's all-knowing way, but can't OPEN it.)

Now...I have gone in and (because that system is not yet connected to the
net) changed every permission for that folder I can find (and yes, there are
at LEAST 3 levels of it that I've found so far) even all the way to
"EVERYBODY" just to be able to get in there, and to no avail...it still
doesn't let me in.

Here's one way I can think of to get access: Log into the system as
"administrator" sort of like a linux user can log in as ROOT.
Unfortunately, I can't find a way to DO that. Can anyone help me out there?
I've even tried (with windows explorer) "run as administrator" and STILL
come up with the same result. How does one log in as administrator?

--
Takali S. Omega
Manager, Raven Mill Computers
Owner, SynTaks E-Works
Host of TechTAK on KFAR 660am
------------------------------------------------------------
ASUS P5N32SLI Deluxe
Intel Presler Pentium D 950
2GB OCZ DDR2-800
2x eVGA 7600 SLI
2x WD 250 SATA2
-------------------------------------


|I am the administrator, and there are no other users. I upgraded Vista
from
| XP. However, I cannot gain access the the C:\Document and Settings folder.
It
| tells me that I don't have the proper security, and yet, when I check I
have
| all rights to the folder.
|
| I do have acces to My Documents, but not the C:\Documents and Settings
| folder which I assume contans the My Docments folder.
|
| Thanks
|
| db
 
BTW, I have gone into the computer management and UNclicked "account
disabled" and this has done nothing for me...

--
Takali S. Omega
Manager, Raven Mill Computers
Owner, SynTaks E-Works
Host of TechTAK on KFAR 660am
------------------------------------------------------------
ASUS P5N32SLI Deluxe
Intel Presler Pentium D 950
2GB OCZ DDR2-800
2x eVGA 7600 SLI
2x WD 250 SATA2
-------------------------------------


|I am the administrator, and there are no other users. I upgraded Vista
from
| XP. However, I cannot gain access the the C:\Document and Settings folder.
It
| tells me that I don't have the proper security, and yet, when I check I
have
| all rights to the folder.
|
| I do have acces to My Documents, but not the C:\Documents and Settings
| folder which I assume contans the My Docments folder.
|
| Thanks
|
| db
 
Hello,

I think the Application Data folder has been replaced by the AppData
folder... try looking in there, either the Roaming or Local folder, for the
settings you are looking for.

I believe the Application Data folder is there as some sort of application
compatability hack for programs, and is completely inaccessible from the
shell, administrator or not ... because it is not really a folder, just
there to point programs to the new location.

From my experience, any folder with a "ghosted" look and a shortcut icon
means that the folder has been replaced by a folder in a different location,
and the shell isn't nice enough to move you there when you double-click on
the shortcut ;)

- JB
 
I tried the appdata folder. It does have part of the xchat files init, but
not the ones I need access to. They are still hiden, and as far as I know,
it's going to the folder everyone's trying to get to. I know the
application data folder in docs&sets is a pointer to another folder, but I
still think that the one needed is the application data folder inside the
user\<user> folder

--
Takali S. Omega
Manager, Raven Mill Computers
Owner, SynTaks E-Works
Host of TechTAK on KFAR 660am
------------------------------------------------------------
ASUS P5N32SLI Deluxe
Intel Presler Pentium D 950
2GB OCZ DDR2-800
2x eVGA 7600 SLI
2x WD 250 SATA2
-------------------------------------


| Hello,
|
| I think the Application Data folder has been replaced by the AppData
| folder... try looking in there, either the Roaming or Local folder, for
the
| settings you are looking for.
|
| I believe the Application Data folder is there as some sort of application
| compatability hack for programs, and is completely inaccessible from the
| shell, administrator or not ... because it is not really a folder, just
| there to point programs to the new location.
|
| From my experience, any folder with a "ghosted" look and a shortcut icon
| means that the folder has been replaced by a folder in a different
location,
| and the shell isn't nice enough to move you there when you double-click on
| the shortcut ;)
|
| - JB
|
 
| || Hello,
||
|| I think the Application Data folder has been replaced by the AppData
|| folder... try looking in there, either the Roaming or Local folder, for
| the
|| settings you are looking for.

Actually, you were right, though I didn't catch your meaning before. It
took me not understanding and then deciding to get my linux-freak
wifey-poo-thingie to help me out, but there are a couple ways to find out
what goes to where...the way *I* tried was the linux method. This is how I
did it:

go to your \users\<username> folder in shell. (Command prompt)
type in 'dir /a' and hit enter. (Using the standard dir won't do it. the
/a shows you the hidden files also.)

In that list, as with any dir /a results, you will see all the shaded
folders show after them the word JUNCTION, which means that the folder
doesn't really exist but points somewhere else. (For linux folks, it's the
same as SYMLINK) But it also shows you exactly WHERE it points to, which is
a nice thing to know if you're trying to get the info I was.

So I apologize for not realizing what you were saying, but at least in not
realizing it, I learned a few things instead of just the stuff I was looking
for.

The JUNCTION/SYMLINK idea isn't really used much in earlier version of
windows, as far as I know. In Windows Vista, they had to do something to
accomodate older applications, such as my xchat, which have settings for
each user and want to continue using the folder "Documents and Settings"

Also, the way I see it is that it doesn't matter what you set for
permissions on these "junction" folders, because they don't really exist.
So trying to open one of those folders is not going to work. They aren't
really there to USE, just as a pointer for those older programs.

I hope that, between Mr Brush's answer, and my ramblings for the people who
didn't want to pay attention to him or get what he said, this makes sense.
Maybe MS will find a way to make the junction folders point to the proper
folders more like a shortcut does if you double-click on it.

--
Takali S. Omega
Manager, Raven Mill Computers
Owner, SynTaks E-Works
Host of TechTAK on KFAR 660am
------------------------------------------------------------
ASUS P5N32SLI Deluxe
Intel Presler Pentium D 950
2GB OCZ DDR2-800
2x eVGA 7600 SLI
2x WD 250 SATA2
-------------------------------------
 
go to your \users\<username> folder in shell. (Command prompt)
type in 'dir /a' and hit enter. (Using the standard dir won't do it. the
/a shows you the hidden files also.)
Click to expand...

Nice tip! I didn't think cmd would show junctions ... awesome.

Hopefully in the future the shell will follow junctions to their correct
location. :)

- JB
 
| <snip>
| > go to your \users\<username> folder in shell. (Command prompt)
| > type in 'dir /a' and hit enter. (Using the standard dir won't do it.
the
| > /a shows you the hidden files also.)
|
| Nice tip! I didn't think cmd would show junctions ... awesome.
|
| Hopefully in the future the shell will follow junctions to their correct
| location. :)
|
| - JB

That's what I am hoping. To be honest, I wouldn't have thought of the dir
/a if it hadn't been for my linux-freakoid-wifey-poo-thingie. (The LFWPT)
Most of us windows-trapped people are stuck with what we can do with a
mouse, so the credit goes to her for that. But, again, if you start
remembering the way things were with DOS way back when, you will get a LOT
farther with this beta than trying to use XP knowledge.
 
2 things are going on here:
1- All users are 'demoted' to a general user security status. This is part
of UAC. Even accounts that are set as Administrator in their user accounts.
There is a registry key for this, but the whole UAC has several registry
keys. you cannot disable just this one and address this 'issue'
2- For backward compatability folders such as 'Documents and Settings'
'AppData' etc are junctions or symlinks to new locations. 'Docs and Settings'
is 'C:\Users' "My Documents" is just "Documents" etc.

I have found that the security set up on these folders is a little odd. It
does not let you browse thru them to the new locations (this maybe is to
force users to learn/use the new locations?), but apps that install or use
this can -(must have System permissions?) and this is not consistent either,
i have had problems installing that i think were related to this.
 
Hello,

The junctions are there ONLY to allow applications that access files inside
of them to work. They are not designed to let applications do a directory
list on them. Let me explain in detail:

Let's say you upgraded from Windows XP to Vista. You use Microsoft office,
and on your recent file list, is a file in c:\documents and
settings\joe\file.doc.

The application compatibility junctions ensure that accessing this entry in
your recent file list still works.

The junction is NOT there to allow you to browse to c:\documents and
settings\ and see the files in c:\users\.

This is why these junctions are deeply hidden - you have to change two
settings to see them!

Also, Windows Vista security is set up so that you have to give a program
permission to use 'administrator' settings via a prompt. This is not an
'issue', this is how Vista works. Programs that do not request admin
permissions do not receive them.


--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/
 
It is an 'issue' to the consumer; unless Microsoft wants to play a blame game
and pass the buck to poor app programming by their partners...oh wait,
"Partner" means that they wouldnt throw them under the bus...so that isnt the
way to go.
As i recall, Gates himself touts their strong partner relationships as one
of their greatest strengths. (see Vista prelaunch in New York video)
Have you installed Adobe Reader 8 to your Vista machine? you get the admin
prompt, but it still fails. You have to start it yourself <run as
administartor> and then the app gets the right permissions. so yes it
prompts, but doesnt do the "handoff" very well. Seen this with other apps as
well (ATI catalyst).

Lets talk UAC for a second, Great Idea, poor execution. why have a setting
that you see in the GUI and set, yet in the registry that setting is
nullified; whereas to all appearances, you think you set it correctly? now
you start troubleshooting "i am an admin on my pc, why is it acting like i am
not? Admin in Vista means you are allowed to enter admin credentials so the
process can continue. and again, that pass off isnt executed well.

have you tried to share a folder from a Vista machine to an XP machine? You
set a share permission for the user, they can authenticate, but the security
on the folder is set so that users (which you are even if you set your
account as admin) are denied control. So thinking along the lines of 'least
privelege' you are not allowed FULL perms like you set in the Share
permissions. And XP is not getting the 'admin prompt' to credential your
activity. You arent sharing like you thougt. I am working on this one now.

The Vista product was not ready to ship ((EX: change location of Documents
<properties of the folder/location tab> in your Users Profile folder, and it
works....but that location change should also change the junction that still
points to C:/users. Or you install an app that references it, and it gets
created again, and now you have 2 Documents folders. took me a 2 seconds to
logically realize that))
I am not bahsing it, what works is awesome, but overall, users are going to
get a bad experience (and wouldnt you agree that most of the features and
marketing are aimed at home users; which are definitely not skilled enough to
deal with this.

Would be happy to continue this discussion...if i am off the mark i would be
happy to learn how it is really working so i can teach/train/support/use the
product. If this is close to the truth, then lets get it out there so peeps
can be aware and correct their issues. :-)
 
It is an 'issue' to the consumer;

Of course. However, this issue is transient, as it is based on application
compatibility - applications will BECOME compatible in the future.

It's a chicken and egg scenario. Apps break if you change the OS. You don't
want to change the OS until apps work with it, yet apps won't change unless
people are using the OS. Someone has to make the first move, and there will
be a lag time for the other party to catch up.
unless Microsoft wants to play a blame game
and pass the buck to poor app programming by their partners...oh wait,
"Partner" means that they wouldnt throw them under the bus...so that isnt
the
way to go.
Click to expand...

There IS fault in the programming community for not writing applications
that follow basic guidelines on how to work with the OS (including XP!) as a
standard user. These are the programs that fail the hardest on Vista (the
programs that always assume the user is an admin, which is AS MUCH AN
INVALID ASSUMTION in XP, even though it was generally true).

It is ALSO MS's fault for not previously enforcing their programming
requirements in the OS and making it difficult for software developers to
implement the best practices that they recommended.

And it is also the USER'S fault for not being more proactive about security.

But there's no sense playing the blame game - the fact is, the way it WAS
BEFORE in XP wasn't working, reagrdless of whose fault it was; so something
had to be done, and that something is UAC. UAC is a way to get the majority
of people in the world running in a standard user environment
(admin-on-demand) and yet be able to easily put on an 'admin' cap in order
to do admin related tasks, in a way that is intuitively understandable by
the average user.

The game is this: If you want all of the programs that have ever been made
to work on a new OS, you *cant change the OS*, since ANY change will break
SOME program. The bigger the changes, the bigger the breakage.

UAC strives heavily to work around faulty applications; however, there will
be some collateral damage, and that is unavoidable. The road to the future
is paved over non-compliant and non-supported applications and hardware.
As i recall, Gates himself touts their strong partner relationships as one
of their greatest strengths. (see Vista prelaunch in New York video)
Have you installed Adobe Reader 8 to your Vista machine? you get the admin
prompt, but it still fails. You have to start it yourself <run as
administartor> and then the app gets the right permissions. so yes it
prompts, but doesnt do the "handoff" very well. Seen this with other apps
as
well (ATI catalyst).
Click to expand...

This is completely ADOBE'S FAULT. Not Vista's.

And for the record, I installed Adobe Reader 8 without a hitch. And as an
aside, I LOVE what they've done with it! It's the first acrobat/reader that
has come out of Adobe in 10 years that I haven't felt embarassed to install.
Lets talk UAC for a second, Great Idea, poor execution. why have a setting
that you see in the GUI and set, yet in the registry that setting is
nullified; whereas to all appearances, you think you set it correctly?
Click to expand...

Don't know what you mean here - can you give a specific example?
now
you start troubleshooting "i am an admin on my pc, why is it acting like i
am
not? Admin in Vista means you are allowed to enter admin credentials so
the
process can continue. and again, that pass off isnt executed well.
Click to expand...

This "pass of" is executed perfectly. Programs launched via a prompt run
with the full rights of the user. Programs that don't prompt do not run as
an admin.

This can be frustrating for users - primarily due to LEGACY PROGRAMS that
don't prompt. All Vista-compatible programs will prompt when necessary, so
this will be less and less of a problem as the future rolls on by.
have you tried to share a folder from a Vista machine to an XP machine?
You
set a share permission for the user, they can authenticate, but the
security
on the folder is set so that users (which you are even if you set your
account as admin) are denied control. So thinking along the lines of
'least
privelege' you are not allowed FULL perms like you set in the Share
permissions. And XP is not getting the 'admin prompt' to credential your
activity. You arent sharing like you thougt. I am working on this one now.
Click to expand...

In this regard, the sharing in VISTA works exactly like it did in XP.
"Share" permissions have never overriden the security permission on files -
the least of both permissions always has taken effect. This has been true
since the early days of Windows NT.

Also, Vista does not allow you to use your admin power remotely by default;
so, if you are trying to access a file that administrators can only access,
you will be denied, even if authenticated as an admin; you can change this -
see my website for more info.
The Vista product was not ready to ship ((EX: change location of Documents
<properties of the folder/location tab> in your Users Profile folder, and
it
works....but that location change should also change the junction that
still
points to C:/users. Or you install an app that references it, and it gets
created again, and now you have 2 Documents folders. took me a 2 seconds
to
logically realize that))
Click to expand...

This is unrelated to UAC :). However, I agree that this feature is sorely
lacking in functionality. Vista definately has rough edges, primarily in
functionality that MS doesn't expect most users to use and where the bugs
aren't very severe.
I am not bahsing it, what works is awesome, but overall, users are going
to
get a bad experience (and wouldnt you agree that most of the features and
marketing are aimed at home users; which are definitely not skilled enough
to
deal with this.
Click to expand...

I agree that users using poorly compatible applications will not get a great
experience. However, this ALWAYS happens when a new OS is released; it is
not a "problem" with Vista specifically, but a problem that is always
experienced when things change, regardless of OS, and in fact, is a general
problem that can be applied to pretty much any scenario.

I disagree that Vista's features are aimed soley at home users. There are
many, many features that are cool for business that aren't immediately
visible. (Reworked network stack increases throughput in
high-bandwith-high-latency connections; Increased number of group policy
configurations available; Awesome new features in task scheduling, event
logs, and performance monitoring; Many more command-line administrative
utilities; Completely new, completely customizable image-based deployment
capabilities; just to name a few).

Basically what you are saying is that UAC is different than the way Windows
XP does security. And I would agree with you 100%. However, we seem to
disagree on whether this is a good thing. Is change always bad? Are you
saying that UAC is bad *because it doesn't work like XP did*? If that's not
what you are saying, then what exactly would you have UAC do that it doesn't
do now?
Would be happy to continue this discussion...if i am off the mark i would
be
happy to learn how it is really working so i can teach/train/support/use
the
product. If this is close to the truth, then lets get it out there so
peeps
can be aware and correct their issues. :-)
Click to expand...

This is a favorite topic of mine :)


--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/
 
well put. i agree with a lot of your comments there. particularly whereas
programmers did start disregarding what might be called best practice and
started instructing users and admins alike to set users as local admin on the
local machine.

There is a definite need for users to step up and take responsibility for
some of their own computer problems.

Good discussion, thanks for chatting.

i am going to start another post on the Users Profile folder if you want to
check that out.
 
Hi Mark...
Just a quick note: no, it isn't because of an XP upgrade...
I have a new laptop with Vista installed from factory and I'm so unhappy
with all the security / folder assignment issues that I actually thought
about downgrading to XP...

I have the same "No access to C:\ Documents and Settings" message...

I got tired of making many directories in my Computer NOT "Read-Only" to
press Yes and right after it goes back to Read-Only...

And to try to move a folder into a different folder and get 2 options: Try
Again (which doesn't work) and Cancel (which works), but since I have
administrative rights AND I'm the owner of the folder, shouldn't I be able to
do whatever I want?

Wow, a quick note became a BIG one...

I'll start a new topic...lol...
 
Back
Top