How to display/change the owner of a file on Windows 7
Is there a way to display the owner of folders and files from the command line in Windoews 7 command prompt?
Can you change the owner of a folder or file to some "arbitrary" user which is not your own username?
I have some folders (and files) that are probably left over from an app that I have removed. If I try to view the contents of the folders I am that told I don't have permission to do so, even if I am running as an "Administrator".
I can "Take ownership" (I assume this will be successful but haven't tried it yet) of the folders (files), but if I need to revert the ownership to the previous owner, I need to know the username of the original owner, and I need to be able to "give ownership" to that user.
Is it possible to do this from the Windows command prompt (or if not, from a GUI-Tool)?
Solution 1:
You can take ownership from the command line via the takeown command and via the Windows GUI.
You can view the owner of a file/folder by using the DIR with a /q parameter
You can view (and take) ownership via the Windows GUI by right clicking the object in Windows Explorer (file or folder), selecting Properties and then navigating to the Security tab. On the Security tab, click the Advanced button and on the subsequently displayed Advanced Security Settings dialog, navigate to the Owner tab.
Once you have taken ownership of a file/folder, Windows does not track the previous owner, so there is no way to revert back to the previous owner. Also, there is no concept of ownership or file permissions if you are working with a file system type that does not support these extended attributes such as FAT16, FAT32, exFAT, etc.
Solution 2:
You can use wmic to query the ownership information like this:
wmic path Win32_LogicalFileSecuritySetting where Path="C:\\windows\\winsxs" ASSOC /RESULTROLE:Owner /ASSOCCLASS:Win32_LogicalFileOwner /RESULTCLASS:Win32_SID
Don't use dir since the ownership info may be clipped, as with this example directory.
To get an output formatted with DOMAIN\USER you can use the following batch script:
@ECHO OFF
SETLOCAL EnableDelayedExpansion
REM Escpe the backslash with \\
SET ESCAPED=%~f1
SET ESCAPED=!ESCAPED:\=\\!
wmic path Win32_LogicalFileSecuritySetting where Path="!ESCAPED!" ASSOC /RESULTROLE:Owner /ASSOCCLASS:Win32_LogicalFileOwner /RESULTCLASS:Win32_SID > "%temp%\wmi.tmp"
for /F "skip=2 delims=€" %%G in ('type %temp%\wmi.tmp') do (call :process_wmioutput "%%G")
goto :continue
:process_wmioutput
SET UNDELIMITED=%1
SET DELIMITED=!UNDELIMITED: =€!
FOR /F "delims=€ tokens=10,12" %%G in ("!DELIMITED!") DO (ECHO %%H\%%G)
exit /B
:continue
Solution 3:
SubInACL.exe allows you to set the owner. The syntax looks something like:
SubInACL /file filename /setowner=NewOwner
If you don't have it, you can download it from Microsoft.
Of course you have to have the rights to be able to do this.
Solution 4:
cacls and icalcs can edit permissions and takeown allows to take ownership. AFAIK they exist in Windows 7 as well. Typically, once you do a takeown, you follow it up with cacls or icalcs to grant yourself permissions to the object.
Microsoft’s security model doesn’t permit to give ownership to someone, only to take it. That way an admin (or otherwise privileged user) cannot take ownership of a file inaccessible to her directly, access or modify it, and give it back to the original owner without notice to the original owner.
Edit: Credit goes to Art for the description of the use of takeown.