In this post a quick way of changing the owner of a ntfs folder is illustrated.
Step1: Get the Acl’s of the folder on which we want to change the owner.
[C:\Users\SivaMulpuru]
PS:1 >$acl = Get-Acl C:\Scripts
List the Acl’s
[C:\Users\SivaMulpuru]
PS:2 >$acl | FL
Path : Microsoft.PowerShell.Core\FileSystem::C:\Scripts
Owner : SivaMulpuru-PC\SivaMulpuru
Group : SivaMulpuru-PC\None
Access : BUILTIN\Administrators Allow FullControl
Everyone Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
Audit :
As you can see the owner is set to my user account (SivaMulpuru) and in this case we want to change it to local builtin administrator account
Step2: Set the owner to BuiltIn Admin Account using the SetOwner property.
[C:\Users\SivaMulpuru]
PS:3 >$acl.SetOwner([System.Security.Principal.NTAccount] “Administrators”)
List the Acl’s again
[C:\Users\SivaMulpuru]
PS:4 >$acl | FL
Path : Microsoft.PowerShell.Core\FileSystem::C:\Scripts
Owner : BUILTIN\Administrators
Group : SivaMulpuru-PC\None
Access : BUILTIN\Administrators Allow FullControl
Everyone Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
Audit :
we are not done yet, even though the Acl’s list Admin as the owner the value is not effective because the changes are not committed.
Step3: Set-Acl (Very Critical)
[C:\Users\SivaMulpuru]
PS:5 >Set-Acl C:\Scripts $acl
Troubleshooting Tip
If you receive the following error, try running powershell as administrator.
Set-Acl : The security identifier is not allowed to be the owner of this object.
Script
#
# NAME: Change Owner of NTFS Container
#
# AUTHOR: SivaMulpuru
#
# COMMENT:
#
# VERSION HISTORY:
# 1.0 6/29/2011 – Initial release
#
###########################################################################
$acl = Get-Acl C:\Scripts
$acl.SetOwner([System.Security.Principal.NTAccount] “Administrators“)
Set-Acl C:\Scripts $acl
#Moving further, Add Access rules
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain-Grp“,“Modify“, “ContainerInherit, ObjectInherit“, “None“, “Allow“)))
Set-Acl C:\Scripts $acl