When attempting to fix permissions on a roaming profiles share.
I first took ownership of all files + subfolders for the administrator.
then edited the ACL to grant "domain admins" full control of all the folders.
When trying to change the ownership back to the original owners, i'm getting:
Error: This security ID may not be assigned as the owner of this object. (Msg#54
when checking permissions via the GUI, the user account has full control.
the command being run is
ls.vbs folder /E /O DOMAIN\user /F /T
based on http://support.microsoft.com/kb/825751
the syntax seems correct, NTFS perms should allow the owner to be changed to that user.