07-09
18

NTFS documents (10)

Fine Happy

Authoreric   Category Related Resource   Comments0   Post Time 2007-09-18 03:13:31 -0400

5.2. Layout of the Attribute
Table 2.7. Layout of the $OBJECT_ID (0x40) attribute

 Offset Size Name Description
   Standard AttributeHeader 
 0x00 16 GUID Object Id Unique Id assigned to file
 0x10 16 GUID Birth Volume Id Volume where file was created
 0x20 16 GUID Birth Object Id Original Object Id of file
 0x30 16 GUID Domain Id Domain in which object was created

5.2.1. Birth Volume Id
Birth Volume Id is the Object Id of the Volume on which the Object Id was allocated. It never has been changed.

5.2.2. Birth Object Id
Birth Object Id is the first Object Id that was ever assigned to this MFT Record. I.e. If the Object Id is changed for some reason, this field will reflect the original value of the Object Id.

5.2.3. Domain Id
Domain Id is currently unused but it is intended to be used in a network environment where the local machine is part of a Windows2000 Domain. This may be used in a Windows 2000 Advanced Server managed domain.

5.3. Notes
5.3.1. Other Information
This Attribute may be just 16 bytes long (the size of one GUID).

Even if the Birth Volume, Birth Object and Domain Ids are not used, they may be present, but one or more may be zero.

Need examples where all the fields are used.

We believed that the $OBJECT_ID has more attributes. ID is an important structure in the Microsoft Architectonics. Hence, we suspect there might be some cryptic attributes which we didn’t find. We hope whoever found these attributes will contact us. The assistance would be appreciated.

6. Attribute -$SECURITY_DESCRIPTOR (0x50)
6.1. Overview
Standard Attribute Header?
  The security descriptor can be summarized as:
  A header (may be flags), followed by one or two ACLs and twoSIDs.
  The first ACL contains auditing information and may be absent.
  The second ACL contains permissions (who can do what).
  Each ACL contains one or many ACEs.
  Each ACE contains a SID.
The last two SIDs show the owner of the object (User and Group)

Trackback URL Trackback: http://blog.easeus.com/action.php?action=tb&id=46

Tags Tags: windows,NTFS,xp,ntfs,attribute

Comments List

Post a Comment

  • Name:
  • Email:
  • HomePage:
  • Comment:
  • Question:

Home | Solution | About Company | Contacts | Resource | Blog | Forum | Directory | Links | Sitemap

Copyright © 2005-2008 CHENGDU YIWO Tech Development Co., Ltd. ALL RIGHTS RESERVED.

Privacy Policy | License | Legal Counsel