Assigning ownership of files and folders with Takeown.exe



In this blog post we will look at how to take ownership of files and folders, with the takeown.exe command. This can be useful in situations where you are unable to assign permissions to a file or folder, because you don’t have any permissions on that file or folder. By re-assigning the ownership of those files and folders, you will be able to assign permissions. But as you will see, the usefulness of takeown.exe is quite limited.

Obviously you can re-assign ownership through the GUI as well, but if you have many sub-directories and files in a folder, and you want to take ownership of them all, then using the GUI to achieve that will be time consuming and cumbersome.

Keep in mind that with takeown.exe, you can only assign ownership to the logged on user, or the local Administrators group. You can not assign ownership to any user you like, by using the /u switch. Its purpose is to let you run the command with the permissions of the specified user, and not assign ownership to the specified user. And you can certainly not assign ownership to other groups than the local administrators group of the computer, where the file or folder resides. There are also some other caveats, which you will see in the examples below.

1. Takeown.exe syntax and switches

Takeown allows a user with administrative privileges to re-assign file/folder ownership. The syntax of the command is quite simple (and you can view it by running takeown /? )

Takeown /S system /U username /P password /F file(folder)name /A /R /D prompt
takeown1

The different swithces are defined as such

/S :: system specify the remote computer to connect to
/U :: (domain\user) Specify the user context under which the command should execute
/P :: sepcify the password of that user. Prompts for input if omitted.

/F :: Specify the filename or the directory name of which you want to re-assign ownership
/A :: Assign ownership to the (local) Administrators group instead of the current user

/R :: Recurse, assign specified ownership in specified directory and all subdirectories

/D :: prompt, Default answer to use when the current user does not have the “list folder” permission on a directory. This occurs while operating recursively (/R) on sub-directories. Valid values are “Y” to take ownership or “N” to skip. It must be used in conjuction with /R

1.1 Examples

takeown /f directory_name
takeown /f D:\Sales (Here the D:\Sales directory has been specified)

With this command, the logged on user will take ownership of the specified directory

takeown /f D:\Sales /r /d y

With this command, the logged on user will take ownership of the specified directory and all of its sub-directories. At the end /D and y are specified, because that will suppress the confirmation prompt. In other words, the logged on user will take ownership of the specified directory and all of its sub-directories and files, without being prompted for confirmation.

But what exactly are you answering yes to
takeown2

In other words, you are not only taking ownership of the folder, on which you did not have “list folder” permission. But you are also replacing all permissions on said folder, with only your account having full control permissions on that folder. Files on the other hand, keep their permissions.

takeown /f D:\Sales /r /A /d y

With this command, ownership of the specified directory and all of its sub-directories and files will be assigned to the local Administrators group on the computer. Again, also on folders where you do not have “list folder” permission, you will remove all permissions, and only the local administrators group will have full control permissions on it.

takeown /f \\Fileserver01\sales /r /A /d y

Yes, you can specify UNC paths as well.

takeown /s Fileserver01.contoso.com /f  \\Fileserver01\sales /u contoso\john /P /r /d y

With this command, ownership of the specified directory and all of its sub-directories and files will be assigned to the logged on user. But you will be running the takeown command with the permissions of the specified user account. You will also be prompted to specify the password for that user.

/U can only be specified when /S is specified. Its easy to be confused and think that you will be assigning ownership to the user you are specifying, but you will only be running the takeown command under that user’s context. The ownership will still be assigned to the logged on user.

And here is the really weird part, the logged on user must (still) have administrative privileges on the server where the file or folder resides. So why you’d even need to, specify /U , I really can’t tell. If anyone knows, please do tell. 🙂

takeown /f D:\sales\*.txt

With this command, ownership of all txt files in the D:\sales folder will be assigned to the logged on user.

As you can see assigning ownership with the takeown command can be time saving in certain scenarios, but it clearly has its limitations. Still its a viable tool, if you only want to assign ownership to the logged on user or the local administrators group.

Additional resources:
Technet: Takeown

1 Comment

  1. StantonL

    Like the way you explained takeown, thanks.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

Captcha * Time limit is exhausted. Please reload the CAPTCHA.