Q. How can I restore the default permissions to the NT structure?

A. Follow the procedure below:

1. Logon as administrator.
2. The built-in SYSTEM account needs access to the Windows NT default directories and subdirectories. To get this access, do the following:
   - In File Manager use Security/Permissions to grant the SYSTEM account FULL CONTROL to the root directory of the NTFS volume that contains Windows NT.
   - Next, select the option to Replace Permissions on Subdirectories, which gives SYSTEM access to the entire volume
3. Start Registry Editor (Regedit.exe).
4. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager
5. Double-click the value BootExecute.
6. Under BootExecute, you may find a few entries, such as:
   autocheck autochk *
   After any entries, add on a separate line:
   setacl /a \DosDevices\<systemdrive>:\<winnt_root>\System32\winperms.txt \DosDevices\<systemdrive>:
   Here <systemdrive> is the drive that Windows NT is installed on and <winnt_root> is the Windows NT root directory on that drive.
7. Save changes by clicking OK.
8. Exit the registry editor and restart the computer.
9. On restart, the system will set security on the system files to the norm

The procedure above will only work on an NT 3.51 system. To perform the above on an NT 4.0 system you require the Windows NT Resource Kit Supplement 2, or for Windows 2000 the normal resource kit and should perform the following

1. Logon as an Account that has "Backup files and folders" privilege
2. Run the FIXACLS.EXE utility (Start - run - fixacls)
3. Click the Continue button
4. Click OK when completed.

FIXACLS in NT 4.0 sets the permissions to the values defined in %SYSTEMROOT%\INF\PERMS.INF. Therefore, access to this file is also required to run FIXACLS.

This FAQ is copyright © 1999 John Savill (SavillTech Ltd). No part of this document should be reproduced, distributed or altered without my written permission. Contact Information.