Take Ownership of Folders

Please, could anyone let me know how I can change a folders ownership in Powershell ? I have tried the following :

$FTPPath = "c:\test"
Get-Acl $FTPPath | Format-List
$ACL = Get-Acl $FTPPath
$Rule = New-Object System.Security.AccessControl.FileSystemAccessRule("TESTFTP","FullControl")
Set-Acl $FTPPath $ACL

The above works for adding permissions to a folder but need to know how to take ownership.

Who is Participating?
CaussyRConnect With a Mentor Author Commented:
After a lo9t of research I found this page : http://gallery.technet.microsoft.com/scriptcenter/1abd77a5-9c0b-4a2b-acef-90dbb2b84e85

File System Security PowerShell Module 2.3 from Microsoft.

Thanks for all you assistance.
Patrick BogersDatacenter platform engineer LindowsCommented:

This peace of code should do some magic.

$acl = (Get-Item $path).GetAccessControl("Access")

# Setup the access rule.
$allInherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit", "ObjectInherit"
$allPropagation = [System.Security.AccessControl.PropagationFlags]"None"
$AR = New-Object System.Security.AccessControl.FileSystemAccessRule $user, $permissions, $allInherit, $allPropagation, "Allow"

# Check if Access already exists.
if ($acl.Access | Where { $_.IdentityReference -eq $User})
    $accessModification = New-Object System.Security.AccessControl.AccessControlModification
    $accessModification.value__ = 2
    $modification = $false
    $acl.ModifyAccessRule($accessModification, $AR, [ref]$modification) | Out-Null

Set-Acl -AclObject $acl -Path $Path
CaussyRAuthor Commented:
Could you let me know what the following variables should be set to :

$user, $permissions, $allInherit, $allPropagation

I am also seeing the following error :

Get-Acl : A positional parameter cannot be found that accepts argument 'System.Security.AccessControl.DirectorySecurity'.
At line:3 char:1
+ acl = (Get-Item $path).GetAccessControl("Access")
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-Acl], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.GetAclCommand
New-Object : Cannot find an overload for "FileSystemAccessRule" and the argument count: "5".
At line:8 char:7
+ $AR = New-Object System.Security.AccessControl.FileSystemAccessRule $user, $perm ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [New-Object], MethodException
    + FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand
Exception calling "AddAccessRule" with "1" argument(s): "Value cannot be null.
Parameter name: rule"
At line:20 char:5
+     $acl.AddAccessRule($AR)
+     ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : ArgumentNullException
Set-Acl : The security identifier is not allowed to be the owner of this object.
At line:23 char:1
+ Set-Acl -AclObject $acl -Path $Path
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (C:\Temp\Test:String) [Set-Acl], InvalidOperationException
    + FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.SetAclCommand

Do I need any particular module loaded in Powershell ?
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

If you just want to set the owner then the following code should work..

$acl = Get-Acl $FTPPath
$acl.SetOwner([System.Security.Principal.NTAccount] “subsun“)
Set-Acl $FTPPath $ACl

Open in new window

CaussyRAuthor Commented:
From your advise, I did the following :

$FTPPath = 'c:\temp\test'
$acl = get-acl $FTPPath
$acl.SetOwner([System.Security.Principal.NTAccount] "domain\Caussyr")
set-acl $FTPPath $acl

But the error I get now is,

set-acl : The security identifier is not allowed to be the owner of this object.
At line:4 char:1
+ set-acl $FTPPath $acl
+ ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (C:\temp\test:String) [Set-Acl], InvalidOperationException
    + FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.SetAclCommand
SubsunConnect With a Mentor Commented:
It looks like a bug in Get-acl...

You can use the module which you found the TechNet script gallery or you can use the function from following article..

CaussyRAuthor Commented:
Through searching I found out that Microsoft have a simple module that can be imported for ACL.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.