question

IJ5569 avatar image
IJ5569 asked

Why full control permissions on a folder are not inherited by a crt or a pvk file created in the folder?

Hello,

I have a network folder and two machine accounts, node1$ and node2$, both of them having full control permission on the folder.

I log in a SQL Server intance in the node1 machine and back up a SQL Server certificate on the network folder, which generates a crt and a pvk files.

Then I log in node2 machine and try to restore the certificate in another SQL Server instance. But I can't because node2$ has no permissions on the requested files .crt and .pvk.

Even more, if I check the created files, the very node$1 machine account has no explicit permissions on these files. Instead, I find an "owner rights" ACE.

So, the files don't seem to inherit the permissions that node1$ and node2$ have on the folder.

This issue doesn't affects to other kind of files.

I can solve this by manually assigning explicit permissions on the files to node2$.

But my question is: why .crt and .pvk files don't inherit the permissions as other types of file do?

Thanks in advance,

Ignacio

sql serverpermissionscertificatesntfs
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

0 Answers

·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.