We have a windows 2003 server that is on a domain. We have a file that was created by windows update, under c:\winnt\softwaredistribution\datastore\logs\edbtmp.log. We are getting errors in our event log because the file cannot be deleted, access is denied.
I am logged into the server under the domain administrator. When I view the security settings, both Add and Remove are greyed out. When I view advanced, Add and Remove are still greyed out and I can only click on View. When I click on the Owner tab, it says "You only have permission to view the current owner on edbtmp.log". The existing owner is servername\Administrators. I am unable to take ownership of the file when I am logged in as the domain administrator or as the local administrator. I even tried changed the owner of the parent folder and tried to set permissions on the child nodes, but that was denied.
I have tried using the takeown command, tried using subinacl, and tried icacls, but nothing is letting me change the permissions of this file or take ownership. We had this same problem with some other non system files, and had to eventually log in as a obscure domain account that supposedly ended up having permissions.
The strange thing is that servername\administrators has full rights, according to the security tab and when viewing icacls on that file. I have never seen this before and not sure what would be causing it.