The Storage Team Blog about file services and storage features in Windows and Windows Server.
Recently, Microsoft Support released an update for Windows Server 2003 SP2 that allows Chkdsk.exe tool compact the NTFS security descriptor stream (a.k.a. $secure file).
Depending on the file system usage, this descriptor can consume a lot of disk space. After getting to a certain size, no more security settings can be configured in NTFS. Those who attempted to compact this file before know it can be really tricky.
With this update, you can run Chkdsk.exe tool to compact $secure file by using the /f switch.
Check the instructions on how to download Chkdsk update here.
I'm curious as to the status of this kind of problem in WS 2008 / Vista. I know NTFS has been updated with self-healing and whatnot.
In Vista, I believe there’s no support in chkdsk for compacting $Secure, so it’s still a potential problem.
In Srv08, there’s much more aggressive compacting of $secure, so it’s unlikely to occur.
Hope it helps