Take Ownership of file

ByLine
How to Take Ownership of a Item in Vista and Windows 7
Synopsis
This will show you how to be able to delete or modify a system file, folder, registry key, or drive in Vista by taking Ownership and allowing your user account full control of the item.
How to Take Ownership of a Item in Vista and Windows 7


information   Information
This will show you how to take Ownership of a file, folder, registry key, or drive where you have been denied access to allow you to give full control of it so that you will be able to delete or modify this item. When you do this, you replace the security permissions to have access.

Note   Note
You will quickly notice that you cannot delete or modify system files, even as administrator in Vista. This is because Vista system files are owned by the TrustedInstaller service by default, and Windows File Protection will keep them from being overwritten. You will encounter a "Access Denied" error.

Tip   Tip

  • If you are trying to delete a folder, then sometimes you will need to delete the contents within the subfolders first before you will be able to delete the main folder itself.
  • The hidden My ..... folders are actually a Junction Point to the real username user folders. They cannot be modified since they are not a real location. EX: My Documents for C:\Users\(your username)\Documents
  • For more on junction points, see: jimmah.com: Why do I get an Access Denied error when trying to open a folder?
  • Sometimes you will need to move the file to the desktop or a user folder first before Vista will allow changes to be made to it. You can then move the file back afterwards.
  • You will sometimes need to take ownership of Files and folders created in another operating system when migrated into Vista.
warning   Warning
This can only be done while logged on to a administrator account. Deleting or modifying system files without knowing what you are doing may lead to eratic behavior from Vista. Even complete system failure with full data loss.


EXAMPLE: You need permission to perform this action
NOTE:
You will see this Access Denied with the Try Again type message when your user account or group does not have Ownership of the file. Clicking on the Try Again does nothing.
Need_Permission.jpg





OPTION ONE
Take Ownership of Item Using Context Menu






OPTION TWO
Take Ownership of Item in Command Prompt

EX: To Take Ownership of this System file:
C:\Windows\System32\en-US\winload.exe.mui

EX: User name to Take Ownership with: Brink
2. In the elevated command prompt, type the command below and press Enter to take ownership of the file.​
NOTE: Substitute full path of file with the full path of the file that you want to take ownership of within quotes.
takeown /f "full path of file"
For example:
takeown /f "C:\Windows\System32\en-US\winload.exe.mui"

3. A message will be displayed that this completed successfully. This will give you ownership of the file.​
4. In the same elevated command prompt, type the command below and press Enter to grant a user full control of the file.​
NOTE: Substitute full path of file with the full path of the file from step 2 within quotes , and (user name) with your user name.
icacls "full path of file" /grant (user name):F
For example:
Code:
icacls "[B][COLOR=red]C:\Windows\System32\en-US\winload.exe.mui[/COLOR][/B]" /grant [B][COLOR=red]Brink[/COLOR][/B]:F

5. A message will be displayed that this completed successfully.​
NOTE: You should be able to delete or modify the file now. If you still can't, you may need to reboot into Safe Mode and try this again. It may vary according to the file. Some are more stubborn.




OPTION THREE
To Manually Take Ownership of a Item

1. Go to the file, folder, drive, or registry key you want to delete or modify.​
NOTE: For example, the system file:
C:\Windows\System32\en-US\winload.exe.mui

2. For a File, Folder, or Drive
A) Right click on the file, folder, or drive and click on Properties.​
WARNING: Do not do this to the hard drive partition that Vista is installed on. It can mess up the boot files.​
For example, the file: winload.exe.mui

B) Go to step 4​

3. For a Registry Key
A) Click on the key in the left pane to highlight the registry key (folder).​
B) Right click on the key and click on Permissions, or click on Edit (Menu Bar) and Permissions.​

4. Click on the Security tab and on the Advanced button. (See screenshots below)​
Properties1.jpg
Registry_Advanced.jpg

5. Click on the Owner tab. (See screenshot below)​
NOTE: For a Registry key, go to step 8 after this.​
WARNING: You should make note of who the current Owner is so you can change it back to it later if you like.​
6. Click on the Edit button.​
7. If prompted by UAC, click on Continue.​
Owner.jpg

8. Under the Change owner to section, click on your user account name and click on OK. (See screenshots below​
NOTE: If you have a check box for Replace owner on subcontainers and objects, then check it if you want to take ownership of them as well. You will not see this option when taking ownership of just a file. Only with a folder.
EX. Username: Moderator (Computer Name/Username)​
Owner2.jpg
Owner2_Folder.jpg

9. Click on OK at the Security pop-up window. (See screenshot below)​
NOTE: For a Registry Key, you will not see steps 9 to 12. Go to step 13.​
Security.jpg

10. Click on OK. (See screenshot below step 7)​
11. Click on the Edit button. (See screenshot below)​
Properties2.jpg

12. If prompted, click on Continue in the UAC prompt.​
13. Click on the Add button. (See screenshot below)​
Permissions.jpg

14. To Type in Your User Account Name
NOTE: If your user account name is already listed, then do step 15 instead.​
A) Type in your user account name in the box under Enter the objects name to select. (See left screenshot below)​
NOTE: For example, Moderator. If you needed to restore TrustedInstaller as the owner, then see: How to Restore TrustedInstaller as Owner of a File in Vista
B) Click on the Check Names button.​
NOTE: If the username is found, then see right screenshot below. If it is not found, then go to step 15 below to select it.​
C) Go to step 16.​
Select_User_Groups1.jpg
Select_User_Groups2.jpg


15. To Select Your User Account name
A) Click on the Advanced button. (See left screenshot above)​
B) Click on the Find Now button. (See screenshot below)​
C) Under Search results, click on your user account name to highlight it.​
NOTE: For example, Moderator. If this is for something like a Flash USB drive, you may also want to select Everyone and give it full permission to. This way you will be able to access it from any user account.
D) Click on OK.​
Advanced_Select.jpg


16. Click on OK. (See right screenshot above step 15)​
17. Click on your user account name to highlight it. (See screenshot below)​
NOTE: For example, Moderator (Computer Name/Username)
18. Check the box for Full Control.​
NOTE: For more information on these permission choices, see: Windows Help and How-to: What are Permissions?
19. Click on OK.​
NOTE: For a Registry Key, you will not see steps 20 and 21. Go to step 22.​
Permissions2.jpg

20. Click on Yes in Windows Security pop-up. (See screenshot below)​
Confirmation.jpg

21. Click on OK. (See screenshot below step 11)​
22. Your Done. You can now delete or modify the item.​
23. If you wanted to, repeat the steps and change the Owner back to the previous owner you noted from step 5 above.​
That's it,
Shawn



 
Last edited by a moderator:
Shawn Brink

Comments

Thank you, this worked for me.

One note to add; in the Change Ownership screen, mine had a check box for "Replace owner on subcontainers and objects" which I used.

Thanks very much for the fix. -mark
 
Mark,

I'm glad to hear it. Thank you for the note and the feedback. The post has been updated.

Shawn
 
Unfortunately, I didn't have that check box. Also, under Owners, there were multiple entries. I was able to take full control of all but one ... it was titled Users that was inherited from the Windows folder used in the example above. Anyway, I think I can avoid those nagging "need permission" messages when I the only one using this damn thing!
 
Update. I went to Properties for the Windows folder and on that one, the check box did appear.

I have two owner options: "Administrators ([name]-PC\Administrators" or "[name]-PC\[name]".

If I want full control of my system, which would you suggest I use?
:(
 
Hi UrbanPioneer,

Use the one for your User account name to be as the Owner. "your username (Computer Name/Administrator)"

Shawn
 
Tried both methods in normal and in safe mode. I have ownership now but access is still denied.

I just installed Vista a few days ago on the 10GB boot C: partition. The problem is on D:, a 101GB partition of the same disk on which Vista is installed. I have installed a couple of programs on D: and moved the My Documents folder there because there's only about 2GB left on C:.

The problem consists of just two folders on D: and their subfolders left from before Vista was installed: Windows (0KB), which contains one file of 0KB, and Documents and Settings, which contains only Owner, its subs (Desktop and My Documents), and their subfolders and files consuming 1.35GB. I am able to read some files in some of these folders but cannot modify, move or delete any of them and cannot even open most of the folders (am told I need permission).

Prior to installing Vista, the larger partition was the XP boot drive and the smaller one held the XP recovery files. XP had gotten so badly corrupted on this machine that I made no attempt to retain it. The Vista installation formatted the small partition but left the large one alone. Apparently, the above-mentioned Owner folder on the large partition was formerly a system file, and that is why Vista won't let me touch anything in it.

I guess I could just ignore this – its only 1.35GB – except that
1. it’s confusing and
2. my virus scanner keeps reporting a couple of Trojans in these folders, which it cannot heal, quarantine, or delete because it lacks permission. I really want to get this stuff off the disk. I will appreciate any other suggestions.
 
Hi Pls,

Welcome to the forum.

It sounds like you may have ran into a file called "Junction Points" or "Reparse Points". These files cannot be modified by the user. You can read more about these here:

NTFS reparse point - Wikipedia, the free encyclopedia

If you are not having any problems with it, I would just ignore it until the next time you decide to do a clean install. When you do, delete both partitions and create just one for the hard drive, then format and install Vista.

Shawn
 
Last edited:
Sorry to revive a dead thread, but just a quick question. Can you take ownership of a whole folder using the above methods, or just individual files?
 
Hi OmegaWolf747,

Yes, you can take ownership of a folder and all of it's contents. Just check the box for Replace owner on subcontainers and objects. See the NOTE under step 8 above.

Shawn
 
I hit the ownership problem after I repartioned a drive.
I used "E:\>takeown /f * /R /D Y" to take ownership of all files on the new logical drive.
This was successful but I then had to amend permissions for some folders.
Does the ICACLS command have a generic option that would work for all files and folders on a logicl drive?
 
Hi Hairy Scot,

You should be able to just use the drive letter for the full path. EX: takeown /f C:\ and icacls C:\ /grant (your username):F

You can also use Method Two and right click on the drive in Computer from the Start Menu. Just make sure you check the box when you get to step 8 to include all subfolders and files.

Hope this helps,
Shawn
 
Hello, I have a slightly complicated issue when trying to remove one of my folders.

I have attempted both of your methods, but they both failed. Perhaps this is because the folder I am trying to delete is from an old version of a Symantec antivirus program that I no longer use. The majority of the program is deleted, however in order to install my new one, I still have to delete the following .dll files within that folder:

IMCfg.dll
ISDataCl.dll
isRes.dll
NavShExt.dll
SetEvtHp.dll

Is there anything that can be done about these files? Taking ownership of the entire folder did no good unfortunately.

Thanks
 
brink,

Here's my situation.

I work for a company who would like to upgrade all their computers to Vista Business 32-bit. This company has Engineers who coded almost all programs that the employees are using.

At a beginning of the employees shift (currently within Windows XP Prof 32-bit) they run a batch file (.bat) that copies updated files from servers on the network, then registers those files ('regsvr32 mci32.ocx /s' is one of the command line executions, for example). There is a file that is called within the batch file called 'epal.exe' that calls another batch file that lists all the commands (the 'epal.exe' application is used at the beginning of the command line execution with the second batch file name after it like a argument; example: epal.exe updateNT.bat).

I heard that you need to disable the UAC to accomplish this.

I've found out that this commandline statement execution will disable the UAC (and another statement to enable UAC afterwards):
C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f


I have three inquiries:
1) I understand that to initiate the disableing of the UAC, you need to right-click on the file and choose, 'Run As' and put in an administrator password to actually run the first batch file, which really doesn't help my situation, because the user executing the batch file has the lowest privilege level set for themselves.
From reading your detailed writings about taking ownership of files/folders, I'm wondering if this UAC approach will even work. Any thoughts?

2) Do you know of a way to set ownership of the batch file from the command line, if the cmd.exe program was executed by someone who is not set as administrator, but at a much lower level?

3) Based on the particular scenario listed above (by how employees need to be able to run a batch file that, indirectly registers DLL files), do you have any suggestions on how to do this (without giving the employees administrator access through their entire shift; just the execution of the update batch file is needed with administrator access)?

Any suggestions would be greatly appreciated as I'm running out of options and we really want to move up to Vista.

Thank you for your time. :)
 
Hi Jlroper,

Welcome to Vista Forums. :party:

I do not know of how you can execute it without applying permission first for the batch file. Are the computers on a network domain? You might try using something like Remote Desktop or Remote Assistance to send the batch down from an Administrator account to all the other computers instead of letting the user do it.

Shawn
 
Top