Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 470
  • Last Modified:

Giving Ownership ...

OK, here's a quick, yet somehow amazingly annoying question.

As an administrator, you can TAKE ownership of a file .. but you cannot GIVE ownership of a file.

Straight from the Microsoft website:

"You can transfer ownership two ways:
          The current owner can grant the Take ownership permission to others,
          allowing those users to take ownership at any time.
          An administrator can take ownership of any file on the computer. However,
          the administrator cannot transfer ownership to others. This restriction keeps
          the administrator accountable."

Do you read that .. it KEEPS THE ADMINISTRATOR ACCOUNTABLE. Is there really *NO* *WAY* to give ownership of a file to someone? If there is no way to do that, the ENTIRE quota management system is a big piece of crapola...

As the administrator, I should be in TOTAL control of what goes where and who owns what.

Is there no way to do a Unix-Like CHOWN command? This should be VERY simple to do.

Any help here?
0
davidzarnitzky
Asked:
davidzarnitzky
1 Solution
 
frankaCommented:
there are many commercial tools that are able to do that, but this probably the best, if you have the reskit oder technet.


Using SubInACL from the

NT oder win2k reskit

you can set ownership on a folder using the following syntax:

subinacl /subdirectories <FolderPath> /setowner=<DomainName\UserName>

To set ownership for all the <FolderPath> objects:

subinacl /subdirectories <FolderPath>\*.* /setowner=<DomainName\UserName>



0
 
embCommented:
See:

http://wwwthep.physik.uni-mainz.de/~frink/nt.html

for an NT implementation of CHOWN.  Not sure if it works on Win2K but it uses the Win32 API so I can see no reason why not.

emb

0
 
embCommented:
Incidentally, your comment that "As the administrator, I should be in TOTAL control of what goes where and who owns what." doesn't quite fit in with the philosophy of discretionary access control that NT attempts to follow.  By this principle, it is down to the end user to decide who has access to their files, which might include preventing administrator's from reading them.  In fact it is for precisely this reason that it is not supposed to be possible to "give" ownership of NT files...an administrator can take owenership of files and look at them, but can't give ownership back to cover their tracks.  Of course, the clever administrator will take ownership, read the file, then restore it from backup with its original permissions...or use one of the chown like commands which do the "impossible".

emb
0
 
cempashaCommented:
Dear questionner/expert(s)

No comment has been added lately, so it's time to clean up this TA.
I'll leave a recommendation in the Cleanup topic area that this question is to be:

- Answered by: franka

Please leave any comments here within the next seven days.

==> PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER ! <==

PaSHa

Cleanup volunteer



0
 
moduloCommented:
Finalized as proposed

modulo

Community Support Moderator
Experts Exchange
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now