Saturday, July 14, 2018

Using SetOwner on an access control list may require SeTakeOwnershipPrivilege

One user was having some trouble gaining control of a file. Taking ownership and adding a Full Control access rule to a file's ACL can be done with PowerShell, but there's a significant wrinkle. The SetOwner method on the ACL object, which would allow an administrator to take ownership of the file, requires that the process has SeTakeOwnershipPrivilege enabled. Running elevated puts the privilege in the process token, but leaves it disabled. As far as I know, there's no pure PowerShell way to enable the privilege - a mess of embedded C# to P/Invoke the native API is the only way I've found.
