How to resolve orphaned file ownership in Windows 2008

Here’s something I was looking at this morning, which is not an uncommon problem I think. I was doing some disk cleaning for a customer and some extremely large files that we needed to remove were locked and inaccessible even by a local administrator on the machine. There are multiple reasons why this can occur, but in this case it was because the original file was created by a domain user account which had subsequently been disabled.

This meant that if you tried to delete the file, or take ownership of it using standard Windows controls, you would be refused access.

In this case I resolved it using the takeown command-line tool that comes with Windows:

http://technet.microsoft.com/en-us/library/cc753024(WS.10).aspx

It was actually a three-stage process.

1. Run takeown with the /F switch to grant ownership to the current user. (If you want, you can grant ownership to a different user, but I simply logged on as a local administrator and took ownership using this login.)

2. Following this, you have ownership but you still can’t delete or move the file. You need to go into the Security tab and explicitly grant a login (which can be yourself) full control.

3. Once this is complete you can simply delete the file using the account you have granted permission to. (Before using takeown you are unable to access this security tab.)

It’s probably more sensible to grant the permission to an administrative group in the longer term, if you’re not simply deleting the files. It’s worth noting as well that takeown can do the same for groups of files or for directories themselves, all of which can experience the same problem.
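
The three steps above as a script, for when there are many files or whole directories to recover. This is an added example, not part of the original post: it uses icacls in place of the Security tab for step 2 and assigns ownership to the Administrators group with /A. The `$Target` parameter and `-Delete` switch are hypothetical names, and it assumes an elevated prompt and PowerShell 3.0 or later.

```powershell
# Added example: command-line version of the three steps above.
# $Target is a hypothetical path; run elevated as a local administrator.
param(
    [Parameter(Mandatory = $true)][string]$Target,
    [switch]$Delete
)

$ErrorActionPreference = 'Stop'
if (-not (Test-Path -LiteralPath $Target)) { throw "Not found: $Target" }
$isDir = Test-Path -LiteralPath $Target -PathType Container

# Step 1: take ownership. /A assigns it to the Administrators group
# instead of the current user; /R /D Y recurses into directories and
# answers the prompt for folders that cannot be listed (Y on English systems).
$takeownArgs = @('/F', $Target, '/A')
if ($isDir) { $takeownArgs += @('/R', '/D', 'Y') }
& takeown.exe @takeownArgs
if ($LASTEXITCODE -ne 0) { throw "takeown failed with exit code $LASTEXITCODE" }

# Confirm the owner actually changed before touching the ACL.
$owner = (Get-Acl -LiteralPath $Target).Owner
Write-Output "Owner is now: $owner"

# Step 2: grant Full control to Administrators (well-known SID S-1-5-32-544).
# Ownership alone does not allow delete; the ACL still has to permit it.
# (OI)(CI) makes the grant inheritable; /T applies it to existing children.
if ($isDir) {
    & icacls.exe $Target /grant '*S-1-5-32-544:(OI)(CI)F' /T /C
} else {
    & icacls.exe $Target /grant '*S-1-5-32-544:F'
}
if ($LASTEXITCODE -ne 0) { throw "icacls failed with exit code $LASTEXITCODE" }

# Step 3: delete only when explicitly requested.
if ($Delete) {
    Remove-Item -LiteralPath $Target -Recurse -Force
    Write-Output "Deleted: $Target"
}
```

Without `-Delete` the script stops after step 2, leaving the files owned by and accessible to the Administrators group.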