Command attach vdisk in Windows

2021-05-30 11:57:49

Apply for: Windows Server (Semi-Annual Channel), Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012.

The attach vdisk command attaches (sometimes called mount) a virtual hard drive (VHD) so that it appears on the host computer as a local hard drive. If the VHD already has a drive partition and file system volume when you attach it, the volume inside the VHD will be assigned a drive letter.

Important Note:

You must select and detach a VHD for this to work successfully. Use the select vdisk command to select the VHD and change the focus to it.

Command syntax attach vdisk

attach vdisk [readonly] { [sd=<SDDL>] | [usefilesd] } [noerr]


Parameters Describe
readonly Attach the VHD as read-only. Every write operation returns an error.
sd=<SDDL string> Set user filter on VHD. The filter string must be in the Security Descriptor Definition Language (SDDL) format. By default, the user filter allows the same access as on the physical drive. The SDDL string can be complex, but in its simplest form, the security descriptor (a data structure of security information for Windows objects that can be identified by a unique name) that protects access is called Discretionary Access Control List (DACL). It uses the form: D:<dacl_flags><string_ace1><string_ace2><string_acen>

The usual DACL flags are:

  • A. Allow access
  • EASY. Deny access

The usual permissions are:

  • GA. All access (All permissions)
  • GR. Read access
  • GW. Write access

Common user accounts are:

  • FATHER. Built in administrators (Admin)
  • AU. Authenticated users
  • CO. Creator owner
  • WD. Everyone (Everyone)

For example:

  • D:P:(A;;GR;;;AU. Provide read access to all authenticated users.
  • D:P:(A;;GA;;;WD. Give everyone full access.
usefilesd Specifies that the security descriptor on the .vhd file should be used on the VHD. If the parameter Usefilesd is not specified, the VHD will not have an explicit security descriptor, unless it is specified with the parameter Sd.
noerr Only used to write scripts. When an error is encountered, DiskPart continues to process the commands as if the error did not occur. Without this parameter, there will be an error that causes DiskPart to exit with an error code.

For example

To attach the selected VHD as read-only, type:

attach vdisk readonly


