Change NTFS folder Owner using Powershell

In this post a quick way of changing the owner of a ntfs folder is illustrated.

Step1: Get the Acl’s of the folder on which we want to change the owner.
[C:\Users\SivaMulpuru]
PS:1 >$acl = Get-Acl C:\Scripts
List the Acl’s
[C:\Users\SivaMulpuru]
PS:2 >$acl | FL
Path : Microsoft.PowerShell.Core\FileSystem::C:\Scripts
Owner : SivaMulpuru-PC\SivaMulpuru
Group : SivaMulpuru-PC\None
Access : BUILTIN\Administrators Allow FullControl
Everyone Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
Audit :
As you can see the owner is set to my user account (SivaMulpuru) and in this case we want to change it to local builtin administrator account
Step2: Set the owner to BuiltIn Admin Account using the SetOwner property.
[C:\Users\SivaMulpuru]
PS:3 >$acl.SetOwner([System.Security.Principal.NTAccount] “Administrators”)
List the Acl’s again
[C:\Users\SivaMulpuru]
PS:4 >$acl | FL
Path : Microsoft.PowerShell.Core\FileSystem::C:\Scripts
Owner : BUILTIN\Administrators
Group : SivaMulpuru-PC\None
Access : BUILTIN\Administrators Allow FullControl
Everyone Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
Audit :
we are not done yet, even though the Acl’s list Admin as the owner the value is not effective because the changes are not committed.
Step3: Set-Acl (Very Critical)
[C:\Users\SivaMulpuru]
PS:5 >Set-Acl C:\Scripts $acl

Troubleshooting Tip

If you receive the following error, try running powershell as administrator.
Set-Acl : The security identifier is not allowed to be the owner of this object.

Script

###########################################################################
#
#
NAME: Change Owner of NTFS Container
#
#
AUTHOR: SivaMulpuru
#
#
COMMENT:
#
#
VERSION HISTORY:
#
1.0 6/29/2011 – Initial release
#
#
##########################################################################
$acl = Get-Acl C:\Scripts
$acl.SetOwner([System.Security.Principal.NTAccount] Administrators)
Set-Acl C:\Scripts $acl
#Moving further, Add Access rules
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(Domain-Grp,Modify, ContainerInherit, ObjectInherit, None, Allow)))
Set-Acl C:\Scripts $acl

Leave a comment

Your email address will not be published. Required fields are marked *

WordPress Appliance - Powered by TurnKey Linux