Domain Admin can't delete or take ownership of file

Posted on 2006-06-06
Last Modified: 2008-04-03

I was trying to delete some old home directories on the file server, but I have come across some folders with a single small hidden file (ntuser.pol) that won't go away.  

I can see it, but I cannot open it, much less delete it.  When I try to take ownership of the file, the procedure seems to work, but as soon as I try to apply permissions to the file so I can delete it, I am denied.

In the security tab, I can see that the SYSTEM account has full control, but when I log in as SYSTEM (ala psexec), I still can't delete the file (access denied).

how kill these files?

Question by:Marketing_Insists
    LVL 48

    Expert Comment

    Hi Marketing_Insists,
    don't delete that file

    An archive file on client computers that is updated each time the Administrative Templates CSE sets a policy setting. As processing completes, an Ntuser.pol containing the history of applied registry based policies in the Group Policy managed policies tree is written to the root of the user’s profile containing user policy settings and to the “all users” profile containing computer policy settings.(%Allusersprofile%\ntuser.pol for computer policy and %userprofile%\ntuser.pol for user policy.)

    Author Comment

    Ah, but these are home directories of roaming users who have left the company.  the remaining .pol file is the only existing file after a otherwize effective rd /s /q jdoe.

    It dosn't happend all the time, just one out of every 10 previous users have this lingering element.

    LVL 48

    Expert Comment


    ah i see i see, you can try from safe mode

    or try this app
    LVL 51

    Expert Comment

    If Safe Mode doesn't work, then use the Recovery Console.

    LVL 2

    Accepted Solution

    When you say that you're taking ownership, are you simply adding your domain admin account to the security tab with full control, or are you going into Advanced->Owner and clicking on the admin account under Change owner to: ?

    I've ran into this in the past and gotten around it by replacing owner on subcontainers and objects as well.


    Author Comment

    Bummer me, it was the sub-containers that were the issue

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
    Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now