Dual boot and shared partition with RO access for only one OS

Hello,

I've been stuck for a while and I'm looking for help.

For a specific usage (...) on a laptop (integrity protection on an OS partition while another OS is running, and a hypervisor was not suitable) I had to create several partitions on ONE single SSD drive in order to:
1) Install one OS, W10 Pro 1909 (let me call it OS1), encrypted with BitLocker to protect it when OS2 is active
2) Install a second OS, W10 Pro (let me call it OS2), also encrypted with BitLocker (even if it was not mandatory)
3) Create a 3rd partition called "data"
I also need OS1 to be able to write to it while OS2 only needs to read from it.

What I've tried:
1) Use diskpart and set the selected volume on OS2 as readonly... => works fine, but when booting on OS1 the volume is still RO (and if I clear the attribute on OS1, it is also cleared for OS2)
2) Use diskpart and set the selected volume on OS2 as readonly + add a registry entry (HKLM\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies\WriteProtect set to 0) on OS1 to remove the readonly attribute. It fails (still read-only)...

Do you have any idea how to set this partition as read-only for OS2 only?!

=> This is my main need, but if you have a tip for this additional problem it would be the icing on the cake: I've tried to set the hidden attribute for the OS1 system volume on OS2... (and wanted to do the reverse on OS1 for OS2), but when it's done I'm unable to have a functional dual boot (on the hidden OS volume)

=> I insist on the point that I'm working at volume/partition level, as I only have ONE SSD disk...

Thank you in advance for your advice.

2 Replies

Hi,
Try creating a standard account on OS2, use the Admin account to restrict it, and give read-only access to your standard account for your 3rd partition.

Hello, I solved my issue... 

NTFS permissions were changing from one OS partition to the other, as I was using the built-in groups that have the same SID.... By creating my own groups on both partitions and setting the correct NTFS permissions, everything has been solved.
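
The approach from the last reply, sketched as an added example that is not part of the original thread: one way to give each installation its own local group and ACE on the shared volume. The drive letter `D:\`, the group names `DataWriters` and `DataReaders`, and the `-Role` and `-Members` parameters are assumptions for illustration, and it assumes the two Windows installations were set up separately (not cloned), so their machine SIDs differ.

```powershell
# Added example, not from the thread. Run elevated, once while booted into each OS.
# Assumptions: the shared volume is D:\ and the group names are hypothetical.
param(
    [Parameter(Mandatory)] [ValidateSet('OS1', 'OS2')] [string]$Role,
    [string]$DataRoot = 'D:\',
    [string[]]$Members = @()   # local accounts on this OS that need access
)

# OS1 gets Modify on the data volume, OS2 gets Read & execute only.
$plans = @{
    OS1 = @{ Group = 'DataWriters'; Rights = 'M' }
    OS2 = @{ Group = 'DataReaders'; Rights = 'RX' }
}
$plan = $plans[$Role]

# A group created locally gets a SID under this installation's own
# S-1-5-21-<machine id> prefix, so it differs between the two installs.
$group = Get-LocalGroup -Name $plan.Group -ErrorAction SilentlyContinue
if (-not $group) {
    $group = New-LocalGroup -Name $plan.Group -Description "Access to $DataRoot"
}
$sid = $group.SID.Value
if ($sid -notlike 'S-1-5-21-*') { throw "Unexpected SID for a local group: $sid" }

foreach ($m in $Members) {
    Add-LocalGroupMember -Group $plan.Group -Member $m -ErrorAction SilentlyContinue
}

# Well-known SIDs are identical on every Windows installation, so an ACE for
# one of them grants the same access from both OSes. Drop the broad ones.
$wellKnown = '*S-1-5-32-545', '*S-1-5-11', '*S-1-1-0'  # Users, Authenticated Users, Everyone
icacls $DataRoot /remove:g $wellKnown | Out-Null

# Grant this OS's own group its rights, inherited by files and subfolders.
icacls $DataRoot /grant:r "*${sid}:(OI)(CI)$($plan.Rights)" | Out-Null
if ($LASTEXITCODE -ne 0) { throw "icacls failed with exit code $LASTEXITCODE" }

# Print the resulting ACL; the other OS's group shows up as an unresolved SID.
icacls $DataRoot
```

Administrators (S-1-5-32-544) and SYSTEM (S-1-5-18) keep the same SIDs on both installations, so this separation constrains standard users on OS2, not an OS2 administrator, who can still write to the volume or change its ACL.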