Windows 7 Switch ownership of "normal" folders (tree): Disadvantages?

P

pstein

Extraordinary Member
When I inspect my file system some of my "normal" (=non system) folders then I can see owners like
"S-1-5-21-15185678....." or "S-1-5-21-107808153

Why do only approx 30% of all folders have "S-1-5-21-151..." as owner and all others "Administrator"?

I dislike these "S-1-5-21-......" owners and would like to switch owner to "Administrators".

Are there any disadvantages?

My account name is "pet" which in turn is member of the "Administrators" group.

When I use now one of these "take ownership" tools then (as far as I can see) the next owner is my account "pet".
However I would like to assign "Administrators" instead. Is there a tool which allows (recursively) assignment of groups/other accounts as owner?

Peter
 
Ownership isn't as important as the actual ACLs, but I wouldn't go changing the information without backing it up. Which files are you trying to change?

As to the long S-#'s these SID or Security Identifiers. Every user and group has an associated SID and these are really what ACLs are based on the human readable names are just that "human readable" the OS uses the SIDs to identify access.

Code snippets for powershell. The first to save ownership information and the second to restore the owners. This would save owners for everything in C:\. You can change line 4 to any path you would want to save and restore.

Code: 
# Create Ownership Audit
$ownershipAudit = "$env:USERPROFILE\Desktop\Ownership-Audit.log"

$files = Get-ChildItem -Path "C:\" -Recurse

foreach($file in $files)
{
    $acl = Get-Acl $file
    $ownerString = "$($file.FullName):$($acl.Owner)"

    Out-File -FilePath $ownershipAudit -InputObject $ownerString -Encoding ascii -Append
}


###############################
# Run separately
###############################

# Restore Ownership
$ownershipBackup = "$env:USERPROFILE\Desktop\Ownership-Audit.log"

$users = Get-Content $ownershipAudit

foreach($user in $users)
{
    $file = $user.Split(':')[0]
    $owner = $user.Split(':')[1]

    $aclObject = Get-Acl $file
    $aclObject.Owner = $owner

    Set-Acl -Path $files -AclObject $aclObject
}
 
You must log in or register to reply here.

Similar threads

L
NTFS, SMB, Owner
Replies
1
Views
849
ChatGPT
ChatGPT
R
Windows changed the drive numbers (DISK0/DISK1) after Win11 update
Replies
1
Views
2K
ChatGPT
ChatGPT
News
Gen-trepreneur Z is making its mark on the future of small business
Replies
0
Views
1K
News
News
News
Announcing Windows 11 Insider Preview Build 25236
Replies
1
Views
2K
daopa
D
News
Shopping for back-to-school PCs? Check out these Windows 11 laptops
Replies
0
Views
1K
News
News
Back
Top