Backup \ restore NTFS permissions

[Vortex]

Tools to backup and restore NTFS permissions are very limited and it's not easy to find file-level backup tools saving also NTFS permissions. I decided to write my own tools to support NTFS.

saveperm.exe and restperm.exe are two command-line tools created to backup and restore NTFS permissions of a drive or a folder. Both of the tools are taking two parameters. The first pointing the drive or the folder and the second , the binary file storing the NTFS permissions.

Usage examples :

Backup the NTFS permissions of drive E :

Code Select Expand

saveperm E: permissions.bin

Restore the NTFS permissions of drive E :
   

Code Select Expand

restperm E: permissions.bin

Backup the NTFS permissions of the folder C:\test

Code Select Expand

saveperm C:\test testperm.bin

Restore the NTFS permissions of the folder C:\test

Code Select Expand

restperm C:\test testperm.bin

The binary file containing the permissions is filled with NTFS security descriptor information. It's very important to note that the drive or the folder restoring the NTFS permissions should have EXACTLY the same folder and file structure possessed by the original drive \ folder. If it's the case of a system partition, failing to do so can lead to serious NTFS conflicts resulting in a unbootable operating system.

saveperm.exe records the following NTFS informations :

Code Select Expand

Owner security information
Group security information
DACL security information
SACL security information

If you have a Win PE 1 \ 2 \ 3.x or a BartPE disc, you can easily perform a file-level backup of your Windows XP \ Server 2003 installation with the 7-Zip command-line tool and saveperm.exe

a) Get a copy of the 7-Zip command-line version
b) Place the 7-Zip and saveperm.exe \ restperm.exe tools to a location accessible from the Win PE \ BartPE environment.
c) Restart your system with a Win PE \ Bart PE disc.
d) Backup the system :

Code Select Expand

X:\7z\saveperm.exe C: X:\7z\C-NTFS-perms.bin
move X:\7z\C-NTFS-perms.bin C:\C-NTFS-perms.bin
X:\7z\7za.exe a -t7z -mtc=on -mx5 Z:\Srv2003DC.7z C:\* >backup.txt

e) To restore the system :

Code Select Expand

X:\7z\7za.exe x Z:\Srv2003DC.7z -oC:\ >restore.txt
move C:\C-NTFS-perms.bin X:\7z\C-NTFS-perms.bin
X:\7z\restperm.exe C: X:\7z\C-NTFS-perms.bin

X points the system partition of the Win PE system. You can specify a network drive ( Z in the example ) or another partition to do the backup.

The above example backups and restores a Windows Server 2003 domain controller in a test network. The installation having a size of 1596 Mb is compressed to 355 Mb.

Doing a backup of a Vista \ Server 2008 \ 7 installation is more complicated as another NTFS specific feature, symbolic links are introduced to those systems to maintain backward compatibility with older folder naming conventions. I didn't test those systems.