'dc02' failed to start. (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708)

'dc02' Microsoft Emulated IDE Controller (Instance ID 83F8638B-8DCA-4152-9EDA-2CA8B33039B4): Failed to Power on with Error 'General access denied error' (0x80070005). (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708)

'dc02': IDE/ATAPI Account does not have sufficient privilege to open attachment 'C:\Users\Public\Documents\Hyper-V\Virtual hard disks\dc02_2.vhdx'. Error: 'General access denied error' (0x80070005). (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708)

'dc02':  Account does not have sufficient privilege to open attachment 'C:\Users\Public\Documents\Hyper-V\Virtual hard disks\dc02_2.vhdx'. Error: 'General access denied error' (0x80070005). (Virtual machine ID F4E4E8F0-99BF-4282-99E3-F57AE7AC8708) </code>

Problem

The problem is rather simple, and since Hyper-V has been around for some time now, it should also be well-known to most of us: The VM does not have the necessary (read, write) permissions to use the assigned .vhd or .vhdx disk. So how do you restore the permissions?

Solution

As always, there are many solutions, one could use Hyper-V manager, remove the disk from the affected VM and then add it again. You could even use icacls to somehow get the ACLs right.

Or, simply use my Restore-VMPermission script :)

It’s a PowerShell script that can be used to easily restore permissions for a specific VM (or all VMs) on your Lab Host, it requires the Hyper-V PowerShell Module to get the VMId and then builds the required ACE and adds it to the virtual disk file’s ACL.

As always, please don’t use this in production without thoroughly testing. This is meant for Lab environments.

Verify

Just try to start your VM again, or have a look at the .vhd or .vhdx files security settings and find a similar looking entry:

so long,
tom