In Windows 7 and 10, How can I change the owner of files and folders at the command line to any user I want (myself, TrustedInstaller, Everyone, etc)? Just about everything I Google leads to TAKEOWN, but as far as I can see, that only lets me change it to myself or the Admimistrators group. What could I use?
Asked
Active
Viewed 1,807 times
1
-
By default we're limited to assigning the current effective user or any groups in the access token that are flagged as `SE_GROUP_OWNER`. For a typical admin logon the latter includes only the "Administrators" group. If we enable SeRestorePrivilege, we're allowed to assign any security principal as the owner of an object, but I don't think Windows includes a command-line program to enable privileges. We'd need to write a small utility program for this. – Eryk Sun Mar 15 '19 at 03:43
-
2With SeRestorePrivilege enabled, we can assign an arbitrary owner using the command `icacls
/setowner – Eryk Sun Mar 15 '19 at 03:50`. -
Actually, I just checked in a debugger that icacls already enables SeRestorePrivilege before calling `NtSetSecurityObject`. At least it does in Windows 10. You'll have to verify this in Windows 7. – Eryk Sun Mar 15 '19 at 03:59
-
icacls worked, and worked well! Thank you very much! – CyberTaco Mar 19 '19 at 19:21