Solved

ownership

Posted on 1998-01-26
10
486 Views
Last Modified: 2013-12-23
Is there a utility to give away ownership of a file/folder?

Thanks
0
Comment
Question by:jmprice
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 4

Accepted Solution

by:
TimCaturaHouser earned 50 total points
ID: 1570648
You have GOT to be joking!

That would violate DoD C-2 (Orange) Security!

If such a thing was ever created, Ms would have a patch out so fast, the modems wouldn't finish disconnecting from a session, before Redmond would 1) Issue a patch. 2) Hire a foreign assassin to take care of the programmer who wrote it.

The war between Novell and Ms over C-2 Security is not something either side takes lightly. (Even if the commerical world doesn't understand the true defination of C-2 (any color) or that C-2 is only one click higher than the lowest grade (D-x) ) They here DoD
(Dept. of Defense) and figure there business is safe. Bad assumption, but that is marketing, vs. engineering.  To give away rights or permissions, well that would make nt no more secure than '95!


0
 
LVL 5

Expert Comment

by:snimmaga
ID: 1570649
I don't know about this, if the question was that deep compromising C2 security.  If the question is "Is it possible to take ownership of a file or a folder", THEN I would say 'YES'.
All you need to take ownership of a file is the USER RIGHT, 'TAKE OWNERSHIP OF A FILE OR OBJECTS' from Policies+UserRights in the User Manager.  I guess Admins and Power Users have this by default.  But ofcourse you can give this to anybody.  Once the ownership is transfered you can revoke the right.
Ps: It is rather TAKE OWNERSHIP, not, GIVE OWNERSHIP.  
Good Luck,
Srini.
BTW, once you have the right to take over, all you need to do is to right click on file/folder - go to properties.  You will find 'Take ownership' on of the tabs of the window (I think Security).

0
 
LVL 4

Expert Comment

by:TimCaturaHouser
ID: 1570650
Hello snimmaga!

The question was Give, not take. Prehaps that is not what the question was meant to be. Giving ownership would be a major violation of security. I can see it now. I go in and mess with accounting, steal 250,000, and give owership of the account to you. Who would the cops be looking for? You, not me.

You are correct on how to take ownership, right down to the security tab, then one warning is given. Say yes, there your files/directories, (assuming valid rights), and you cannot give them away. Nor could I take ownership of accounting, take money, and give it back to accounting.

DoD security is a marketing deal for both Novell and Microsoft. It demostrates the brief blurb I have outlined, cannot be done,
at least not without access to desktops and passwords.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:snimmaga
ID: 1570651
I guess this is too much of arguing on an invalid subject, here. JMPRICE, should come up and clarify what his question is about GIVE/TAKE.  
Srini.
0
 
LVL 4

Expert Comment

by:TimCaturaHouser
ID: 1570652
Srini, I agree that the topic may have been incorrectly stated. Again, you are completely on-track with Taking ownership. I have been able to change the name of a member server (not a PDC), and had to take ownershihip as the administrator of the data files, then once they had something besides UNKNOWN, was able to add rights for the users, then remove myself.

No such luck with a PDC. But, useful tidbit in some cases. Again, thanks for your excelent presentation on taking ownership!

Look forward to hearing from you soon.
Tim
0
 
LVL 1

Expert Comment

by:kuk010998
ID: 1570653
It *is* possible to 'give' ownership of a file system object to another account - using the Backup/restore special right with Win32 API functions. How else could scopy work? I´ve done it - only had problems doing it to directories. Maybe I should also have looked into the ImpersonateClient functions...
0
 
LVL 4

Expert Comment

by:TimCaturaHouser
ID: 1570654
Thanks Kuk!

Could you Please! Detail further how this would work?
If you can create a step by step, you would be famous!
0
 
LVL 1

Expert Comment

by:kuk010998
ID: 1570655
TCH - omigod, that´s years ago (about 3)... Let me see if I can find *those* sources (I connected jukeboxes to NT Servers when there were no drivers and did the software meself). Could take a while. And then I could only tell which API Functions / Parameters are involved, you´d need C and the SDK to do the utility - I don´t think jmprice wants to hire me to do this pgm. BTW, has anyone checked with ntinternals? the OSR guys are good at this kind of stuff.
0
 
LVL 5

Expert Comment

by:snimmaga
ID: 1570656
Kuk, BTW, could you please tell me what kind of Juke boxes you used on NT Servers and also the software for the optical file system?   I posted a question in the NT General questions area.  I have all kinds of problems with Panasonic PD/CD Juke box.  Could you please comment on this.... Thanks.
Srini.
Sorry guys for that I brought up something entirely different.  

0
 

Author Comment

by:jmprice
ID: 1570657
Wow, quite a converstation going on about this.  I was talking about giving ownership.  It can be done from a mac connected to the nt server (sharing properties), where you just type in the owner name...  The reason I ask is because we share all of the user's home dirs, so when I create a user, nt says it cannot create the directory \\servername\username of course, because the folder hasn't been shared yet.  so I create the homedirs, but then administrator is the owner.
Thanks for all the comments!


0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
An article on effective troubleshooting
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question