Re: Forcing Ownership of files

From: Cameron Biggart (lordwolfcb_at_hotmail.com)
Date: 04/29/04 

Date: Wed, 28 Apr 2004 23:46:31 -0700

"Herb Martin" <news@LearnQuick.com> wrote in
news:uGWzh4ZLEHA.1052@TK2MSFTNGP12.phx.gbl:

> "Cameron Biggart" <lordwolfcb@hotmail.com> wrote in message
> news:Xns94DA8D2D19ABlordwolfcbinau@207.46.248.16...
>> Hi
>>
>> I know that I can 'take' ownership of a file/folder as administrator
>> but how do I give ownership of a file that was copied from one server
>> to another by administrator back to the person who created it on the
>> original server. I guess I'm asking is there a Windows equivalent of
>> the unix chown command that would set the owner/creator of a file to
>> a specified user.
>
> You usually cannot -- you can give FULL CONTROL to the user and
> let them TAKE ownship.
>
> Contrary to popular misconception, non-Admins can take ownership
> without that right IF they have Full Control.

I am adding 'user' with full control to each directory, where 'user' is
the logon of the user in question. This has fixed the problem as they now
have explicit permission to do whatever they like with the content of
thier folder.

[snip]

>> I need to do this for 80 directories each with multiple
>> subdirectories in
> a
>> 'users' share of the drive. For security I set permissions to
>> 'creator_owner' & 'domain administrators' to 'full control' and
>> removed
> the
>> access for the 'everyone' group but now people are not able to access
> files
>> that don't show them as creator/owner (as would be expected).
>
> Why didn't you just move the files with the /O switch in XCOPY and
> another tools that lets you copy the permissions and ownership?

The short answer is becaus the files were copied a couple of years ago
when I first tuned up here from a Novell server to a Windows 2000 server
and security wasn't important. Now they are worried about security so
it's being tightened up - with the obvious consiquences.

>
> You can also use the too SubInAcl.exe from the resource kit to replace
> current owner or permission ACL SIDs.
>

This sounds like it could work, but I don't have a copy of the Res Kit on
hand so I'll just keep using the method in my first paragraph of answer. 

-- 
Cameron
Troll Bridge sponsor #1: bringing Discworld to the Roundworld.
http://www.snowgumfilms.com

Relevant Pages

  • Re: Server Reports empty
    ... Security Exception ... To grant this application the required permission ... The server will start to collect new counter value from ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: Forcing Ownership of files
    ... >> without that right IF they have Full Control. ... > have explicit permission to do whatever they like with the content of ... > when I first tuned up here from a Novell server to a Windows 2000 server ... Now they are worried about security so ...
    (microsoft.public.win2000.active_directory)
  • RE: Group Policy - Deploying Software - Permissions Error
    ... >After the package has been added, if I click on the security tab of the ... select Advanced and try an add or edit a permission ... >Internet connection wizard to create a new SBS certificate as my Internet ... If you server has two network adapters, it sounds as if you're trying to ...
    (microsoft.public.windows.server.sbs)
  • Re: Cannot take ownership of a folder
    ... If I Right click, select Sharing & Security, Security tab I get the error ... but you can take ownership or change Audit settings. ... I then tick the box "Replace owner on subcontainers and objects" - OK - OK ... >> I have a W2003 SBS server. ...
    (microsoft.public.security)
  • Re: Adjusting security setting to run an embedded windows control in IE
    ... I need WebPermission in order to send data from server to client. ... It's a little fuzzy how all this security work, but as I understood, I can ... I can force my code to connect back to my server only... ... my code need permission from client to do that connection? ...
    (microsoft.public.dotnet.framework.aspnet)
Quantcast