How Can I Take Ownership of a File or Folder By Using a Script?

How Can I Take Ownership of a File or Folder By Using a Script?

  • Comments 5
  • Likes
Hey, Scripting Guy! Question

Hey, Scripting Guy! How can I take ownership of a file or folder using a script?

-- RV

SpacerHey, Scripting Guy! AnswerScript Center

Hey, RV. Interesting question. In the past, the Scripting Guys have tried to take ownership of a Porsche 911, beachfront property in Hawaii, and the New York Yankees; all of those efforts failed. Considering our track record, we weren’t sure what would happen if we tried to take ownership of a file or folder. (Although as long as we weren’t issued yet another restraining order we figured it couldn’t be too bad.)

As it turns out, taking ownership of a file or folder is child’s play. (Assuming, of course, that the child in question has been granted the NTFS permission enabling him or her to take ownership of the file or folder.) The following script might not be as good as a beachfront property in Hawaii, but it’s awfully close:

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFolders = objWMIService.ExecQuery _
    ("Select * From Win32_Directory Where Name = 'C:\\Scripts'")

For Each objFolder in colFolders
    objFolder.TakeOwnershipEx
Next

If you’re thinking, “Man, this looks like a run-of-the-mill WMI script,” well, you’re right: it is a run-of-the-mill WMI script. We start off by connecting to the WMI service on the local computer (although we could just as easily run this script against a remote computer). We then use this line to retrieve a collection of folders; in this case, all the folders that have the name C:\Scripts:

Set colFolders = objWMIService.ExecQuery _
    ("Select * From Win32_Directory Where Name = 'C:\\Scripts'")

Two things to note here. First, because we want to take ownership of a folder we use the Win32_Directory class. What if we wanted to take ownership of a file? Well, then we’d need to use the CIM_DataFile class. Here’s an example of a query that would bind us to the file C:\Scripts\Test.vbs:

Set colFolders = objWMIService.ExecQuery _
    ("Select * From CIM_DataFile Where Name = 'C:\\Scripts\\Test.vbs'")

Second, note that we have to double-up any \ characters in our path; thus C:\Scripts becomes C:\\Scripts. That’s because the \ is a reserved character in WMI; because of that, any time we need to use a \ in a WQL query we have to “escape” that character. In this case, “escape” is just a fancy way of saying use two \’s instead of one. (Or, in the case of a UNC path, four \’s instead of two; thus \\atl-fs-01\public becomes \\\\atl-fs-01\\public.)

As you know, calling the ExecQuery method gives us a collection of folders (although this particular collection contains only a single folder, C:\Scripts). To take ownership of each item in the collection we set up a For Each loop and then, for each of those items, call the TakeOwnershipEx method:

For Each objFolder in colFolders
    objFolder.TakeOwnershipEx
Next

The TakeOwnershipEx method enables us to take ownership not only of the folder C:\Scripts but also any subfolders found in C:\Scripts. If you don’t want to take ownership of the subfolders then use the TakeOwnership method instead. In that case your For Each loop would look like this:

For Each objFolder in colFolders
    objFolder.TakeOwnership
Next

So there you go, RV. The next time some guy whizzes past you in a Porsche remember this: he might have the fancy sports car, but you have a script that enables you to take ownership of a file or folder. If that doesn’t wipe the smile off the face of Mr. Porsche Driver we don’t know what will.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • Good stuff, but I am having an issue translating this in to taking ownership of a nk2 file and creating the %AppData% reference in the script. My understanding is that I need to double up on \ path info so the script will behave properly. I was a bit surprised to find that my vbs that I created to move this file was getting an access denied error and when I looked at the file perms it did say that I was the owner so I didn't think to modify it.  I came back around after fighting this for a while and decided to just go through the motions of taking ownership.  Once I did the .vbs worked.  I am sure there is a way to account for the %AppDsata%, but at the moment I am unsure how to go about this.  I need to be able to have users run this from their DT in order to transfer the file to their profile on a TS.

  • How could we set ownership for a specific domain user?

  • How about taking owneship of a corrupt win7 registry key? (Yep even the mighty Win 7 Ultimato gets stuff wrong:) )

  • Why stop at one file?  How can I take ownership of multiple files?  All files matching a wildcard?  In the current directory?  

  • Nice one. I used this script in a Computer-side GPO to target all of the user profile desktop directories to remove the users' ownership to them. We can't use Folder Redirection to redirect the folder, so running this script at computer boot, and another script at user login to make the desktop folder read-only locks down the desktop folder. The script below targets all of our production users as the AD accounts are numeric:

    strComputer = "."

    Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

    Set colFolders = objWMIService.ExecQuery _

       ("Select * From Win32_Directory Where Name LIKE 'C:\\Users\\[0-9]%\\Desktop'")

    For Each objFolder in colFolders

       objFolder.TakeOwnershipEx

    Next

    It would be nice if I could target the local administrators group. Since the GPO is running this it uses the System account. I'd have to dig into this a bit deeper but for now, this works.

    - T.