NT Gatekeeper--Changing Ownership from the Command Prompt

In April 2001, InstantDoc ID 20204, you mentioned tools that help reset NTFS and share permissions from the command prompt. In my file servers' housekeeping scripts, I want to include a tool that can reset NTFS file and folder ownership. I haven't found such a tool in the Microsoft Windows NT Server 4.0 Resource Kit. Can you help?

The resource kit does contain a tool that can set ownership from the command prompt: the Subinacl (subinacl.exe) tool. You can use the tool to set ownership both on NTFS and on registry objects. On the NTFS level, you can set ownership on files, folders, and all the files and folders in a folder. Here are some sample uses for subinacl.exe.

  • This command sets the owner of all files and folders in the C:\mydata folder to user jandeclercq, a member of the Compaq domain:
subinacl /subdirectories C:\mydata\*.* /setowner=compaq\jandeclercq
  • This command sets the owner of all files of type *.txt in the C:\mydata folder to user jandeclercq:
  • subinacl /file C:\mydata\*.txt  /setowner=compaq\jandeclercq

    In these examples, the /file and /subdirectories switches specify the object type or types to which the OS applies the Subinacl command. The /setowner switch specifies the action that Subinacl will perform on the selected objects. For a complete overview of Subinacl's syntax, refer to the resource kit's Help file.

    Instead of Subinacl, you can use the freeware Setfile (setfile.exe) tool. You can download Setfile from Peter Verhas's Web site at http://peter.verhas .com. You can also use Setfile to change a file's creation time, last access time, and modification time. This command sets the ownership of the file ntgatekeeper.doc to user jandeclercq:

    Setfile /owner=compaq\jandeclercq C:\mydata\ntgatekeeper.doc

    Like Subinacl, Setfile can handle wildcards. If you want to apply the ownership change to subfolders or to files within those subfolders, use the /rec switch. This command sets the ownership to jandeclercq for all *.doc files in the C:\mydata folder:

    Setfile /owner=compaq\jandeclercq /rec C:\mydata\*.doc
    Hide comments


    • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

    Plain text

    • No HTML tags allowed.
    • Web page addresses and e-mail addresses turn into links automatically.
    • Lines and paragraphs break automatically.