I am using BackupRead and BackupWrite to implement a file synchronization between 2 folders.
I can use them on files and folders without any issue. But when I want to use them on a reparse point, BackupWrite fails with an access denied error.
The original reparse point is retrieved without error with BackupRead. The buffer has 2 streams: one for the security data, and one for the reparse data. I can see in the latter the target of the reparse point. The file I am trying to create does not exist and FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT is passed to CreateFile.
So, my question is: what is the way to open a file so that BackupWrite succeeds to restore a reparse point?
I finally found 2 issues:
If the reparse point is for a directory, the new reparse point must be first created as a directory.
We need to enable "SeRestorePrivilege" or "SeCreateSymbolicLinkPrivilege" for the current process (through OpenProcessToken, LookupPrivilegeValue and AdjustTokenPrivileges), even if the administrative privileges have been granted.