Like many others in the ITPro world, I am using many VMs to demo, learn, troubleshoot all different kinds of products and customer scenarios. I also mess with the disk files a lot. Every now and then I get the following error when trying to start a VM:
An error occurred while attempting to start the selected virtual machine(s). 'dc02' failed to start. (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708) 'dc02' Microsoft Emulated IDE Controller (Instance ID 83F8638B-8DCA-4152-9EDA-2CA8B33039B4): Failed to Power on with Error 'General access denied error' (0x80070005). (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708) 'dc02': IDE/ATAPI Account does not have sufficient privilege to open attachment 'C:\Users\Public\Documents\Hyper-V\Virtual hard disks\dc02_2.vhdx'. Error: 'General access denied error' (0x80070005). (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708) 'dc02': Account does not have sufficient privilege to open attachment 'C:\Users\Public\Documents\Hyper-V\Virtual hard disks\dc02_2.vhdx'. Error: 'General access denied error' (0x80070005). (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708) </code> The problem is rather simple, and since Hyper-V has been around for some time now, it should also be well-known to most of us: The VM does not have the necessary (read, write) permissions to use the assigned .vhd or .vhdx disk. So how do you restore the permissions? As always, there are many solutions, one could use Hyper-V manager, remove the disk from the affected VM and then add it again. You could even use icacls to somehow get the ACLs right. Or, simply use my Restore-VMPermission script :) It’s a PowerShell script that can be used to easily restore permissions for a specific VM (or all VMs) on your Lab Host, it requires the Hyper-V PowerShell Module to get the VMId and then builds the required ACE and adds it to the virtual disk file’s ACL. As always, please don’t use this in production without thoroughly testing. This is meant for Lab environments. Just try to start your VM again, or have a look at the .vhd or .vhdx files security settings and find a similar looking entry: so long, Hyper-V Manager </p>
Problem
Solution
Verify
tom