Non-existant account is owner of folders/files

Last summer we moved from a multiple domain NT 4.0  structure to a single domain Windows 2000 and AD. I have now found some folders and files in the users home folder that neither the user, administrator or domain administrator is able to access. Most of them are in thier ...\history\history.ie5 folders. I think that the owner of these folders/files is their account from the old NT domain that no longer exists. The only way we can gain access to them is by having an administrator take ownership of them and then change the acls on them so the user can get access to them again.
My question is... is there a command-line utility that would allow me to script this en-mass? I've tried xcacls.exe, subinacl.exe, fileowner.pl and takeowner.exe. The only one that seems to work is takeowner.exe but it doesn't have a resurse subdirectory option. I'd even settle for a way to 'blow-away' the folders if that's as good as I can get.
Thanks in advance for any help you can provide.
tom-harmonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

alimuCommented:
xcacls will do this recursively
http://www.jsiinc.com/SUBK/tip5100/rh5171.htm#3

something like> xcacls *.* /T /E /G administrator:F;O /Y
(the /T recurses subdirectories, /E is edit so you don't wipe out existing permissions, /Y will stop it asking you for confirmation,  F is Full Access, O is Ownership)
but check the syntax out to see exactly what you want.
0
tom-harmonAuthor Commented:
Yes, I've tried xcacls data /t /e /c /g administrator:f;o /y  
It works on all the folders and files up to the point of the first folder or file that I trying to change. It then stops and gives me a "unable to perform a security operation on an object that has no associated security."
If I run it without the /e for edit I get the message "The filename, directory name, or volume label syntax is incorrect" when it gets to the first folder or file that I'm having the problem with.
0
alimuCommented:
ok - possibly a silly question but is your partition FAT or NTFS?
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

alimuCommented:
If your partition is NTFS (which is what I hope it is) and you're having no joy with xcacls you could try another tool like supercacls http://www.trustedsystems.com/scacls.htm

Another thing to try is getting filemon from www.sysinternals.com and checking what's happening when the failure occurs (i.e. exactly what your problem file/folder is called).
Check you are able to view the ACL/take ownership on the problem file/folder directly (i.e. right-click, properties, security, etc)

0
swinterbornCommented:
Try out one of the chown utilities. It only changes the owner, but once thats changed, you should be able to use xcacls. We use one as part of our standard toolset.

Theres loads around,
http://wwwthep.physik.uni-mainz.de/~frink/chown/readme.html
http://info-x.co.uk/files.asp?id=4
http://gnuwin32.sourceforge.net/packages/fileutils.htm

Chown is a standard unix tool, theres been loads of ports into Windows. If none of these 3 do the trick, a google for "chown download windows" returned 77000 results, so one of them has to work.

HTH



0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tom-harmonAuthor Commented:
The chown utility from the uk link did the trick.

Thanks much for all of your help!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.