Hey, Scripting Guy! How Can I Use Windows PowerShell to Determine the Owner of a File?

Avatar

Hey, Scripting Guy! Question

Hey, Scripting Guy! Is it possible to determine the owner of a file using Windows PowerShell?
— GF

Spacer Hey, Scripting Guy! Answer Script Center

Hey, GF. Well, today is April 15th, which, in the US, can mean only one thing: it’s time to celebrate the birthday of Italian mathematician Pietro Antonio Cataldi, best known for discovering the sixth and seventh Mersenne primes. Pietro, who developed the first notation for continued fractions, was born on this day in 1552. Happy birthday, Pietro!


Coincidentally, April 15th is also Tax Day in the US, the last day on which Americans can submit their income tax returns for the previous year. Needless to say, for many Americans April 15th is a very stressful day. For other Americans, however, April 15th isn’t the least bit stressful; that’s because the US has a long history of people who believe that the government has no right to collect income taxes and therefore decide not to pay their taxes. For example, in 1997 actor Wesley Snipes (recently convicted on three counts of failure to pay income tax) reported an income of $19,238,192. Not only did Wesley decline to pay any taxes on that income, he actually demanded a refund of $7,360,755. Interestingly enough, his own lawyers termed his positions on income tax “kooky,” “crazy” and “dead wrong.”


Which, coincidentally enough, are the exact same phrases that were sprinkled throughout the mid-year performance review of the Scripting Guy who writes this column.


Oh, and did we mention that Wesley Snipes was recently convicted on three counts of failure to pay income tax? That’s usually what happens to people who decline to pay their taxes or file a tax return.


As it turns out, the Scripting Guy who writes this column isn’t stressing out today, either; that’s because he submitted his tax return well in advance of today’s deadline. (On Sunday, April 13th, to be exact.) Admittedly, that might sound like he was cutting it a little close. He wasn’t concerned, however, because he knew he could complete his tax return in less than hour; needless to say, it doesn’t take him anywhere near as long to count his money as it takes Wesley Snipes to count his.


And no, that’s not because the Scripting Guy who writes this column is a really fast counter.


Best of all, getting his taxes done early turned out to have multiple benefits for the Scripting Guy who writes this column. For one thing, submitting his tax return helped him avoid going to prison for income tax evasion; that’s usually a plus. For another, filing early also gave him time to figure out how to determine the owner of a file (or folder) using Windows PowerShell.


Although, in all honesty, he didn’t need all that much time to do that, either:

Get-Acl C:\Scripts\Test.txt

Believe it or not, that’s the entire script; all we have to do to determine the owner of a file is call the Get-Acl cmdlet, passing Get-Acl the path to the file in question. In turn, Get-Acl will report back information similar to this:

Directory: Microsoft.PowerShell.Core\FileSystem::C:\Scripts

Path Owner Access
—- —– ——
Test.txt FABRIKAM\kenmyer BUILTIN\Administrators Allow FullCo…


Not bad, huh? If all you care about is the name of the owner then pipe the results to the Select-Object cmdlet, like so:

Get-Acl C:\Scripts\Test.txt | Select-Object Owner

That will give you information similar to this:

Owner
—–
FABRIKAM\kenmyer

Or, if you’d like to see the complete security descriptor, pipe the output to the Format-List cmdlet:

Get-Acl C:\Scripts\Test.txt | Format-List
Path   : Microsoft.PowerShell.Core\FileSystem::C:\Scripts\Test.txt
Owner : FABRIKAM\kenmyer
Group : FABRIKAM\Domain Users
Access : BUILTIN\Administrators Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
FABRIKAM\kenmyer Allow FullControl
BUILTIN\Users Allow ReadAndExecute, Synchronize
Audit :
Sddl : O:S-1-5-21-1454471165-1004336348-1606980848-8183G:DUD:AI(A;ID;FA;;;BA)(A;ID;FA;;;SY)
(A;ID;FA;;;S-1-5-21-1454471165-1004336348-1606980848-8183)(A;ID;0x1200a9;;;BU)

If we had to guess, we’d guess that Wesley Snipes didn’t mean to ignore the April 15th deadline for filing his tax return. He probably just got caught up in the fun and excitement of working with file ownership scripts, and forgot all about paying his taxes.


For example, suppose Wesley wanted to get a list of owners for all the files in the folder C:\Scripts. That’s no problem; after all, the Get-Acl cmdlet does accept wildcard characters:

Get-Acl C:\Scripts\*.*
    Directory: Microsoft.PowerShell.Core\FileSystem::C:\Scripts

Path Owner Access
—- —– ——
Example.txt FABRIKAM\kenmyer BUILTIN\Administrators Allow FullCo…
Test.txt FABRIKAM\pilarackerman BUILTIN\Administrators Allow FullCo…
Trial.txt FABRIKAM\kenmyer BUILTIN\Administrators Allow FullCo…


Pretty cool, huh? Of course, while Get-Acl does accept wildcard characters, what it doesn’t accept is some sort of –recurse parameter that would enable you to retrieve the owners of all the files located in any subfolders of C:\Scripts. But that’s OK, too; after all, the Get-ChildItem cmdlet does accept the –recurse parameter. That means we can retrieve the file owners for all the files in C:\Scripts and its subfolders by using this command:

Get-ChildItem C:\Scripts -recurse | ForEach-Object {Get-Acl $_.FullName}

There’s nothing particularly complicated about that command, either: we simply use Get-ChildItem and the –recurse parameter to retrieve the collection of files found in C:\Scripts and its subfolders, then pipe that collection to the ForEach-Object cmdlet. In turn, we ask ForEach-Object to run the Get-Acl cmdlet against each and every file in that collection, using the value of the FullName property as Get-Acl’s file path parameter.


Is that going to work? Hey, come on: have you ever known the Scripting Guys to do something that didn’t work?


Well, OK. But the command we showed you will work. Promise.


Who would have guessed that file ownership scripting could be so much fun, eh? In fact, like Wesley Snipes, we’re having such a good time today we thought we’d try one more script. It is pretty cool that you can determine the owner of a file by running a simple little Windows PowerShell script. But you know what would be really cool? It would be really cool if you could take ownership of a file by running a simple little Windows PowerShell script. You know, maybe a script like this one:

$objUser = New-Object System.Security.Principal.NTAccount(“fabrikam”, “kenmyer”)
$objFile = Get-Acl C:\Scripts\Test.txt
$objFile.SetOwner($objUser)
Set-Acl -aclobject $objFile -path C:\Scripts\Test.txt

Much like the Scripting Guy who writes this column’s income for the year 2007, there’s really not much to this script. In line 1 we use the New-Object cmdlet to create an instance of the System.Security.Principal.NTAccount class, a .NET Framework class used to represent a user account. When creating an instance of this class we need to pass two parameters: the name of our domain (fabrikam) and the name of our user account (kenmyer).







Note. That’s a good question, and as far as we know the answer is this: assuming you want to stay out of jail then, yes, you do have to pay income tax in the US. As for your other question, the answer is no: although you can take ownership of a file using Windows PowerShell, we don’t believe that you can give ownership of a file to someone else. To transfer ownership to another user you’ll need to use the Windows Resource Kit utility Subinacl.exe.


As far as we know, anyway.



After we create an instance of the NTAccount class we use the Get-Acl cmdlet to retrieve the security descriptor from the file C:\Scripts\Test.txt; that’s what we do here:

$objFile = Get-Acl C:\Scripts\Test.txt

Once we have the security descriptor we can use the SetOwner method to assign ourselves ownership of the file:

$objFile.SetOwner($objUser)

Well, sort of. What the SetOwner method does is assign ownership to the virtual copy of the security descriptor that we retrieved using Get-Acl. To take ownership of the actual file itself we need to use the following Set-Acl command:

Set-Acl -aclobject $objFile -path C:\Scripts\Test.txt

That should give you ownership of the file.


Give these scripts a try, GF; with any luck they should help you with your management of files and file owners. As for the Scripting Guy who writes this column, he’s going to take the rest of the day off; after all, it is Pietro Antonio Cataldi’s birthday, you know.







Note. Why isn’t Pietro’s birthday a national holiday in the US? Beats us; after all, the man did hold the record for the largest known prime number for 184 years, until Leonhard Euler came along in 1772 and discovered that 231 – 1 was the eighth Mersenne prime. The largest known Mersenne prime number as of this writing is 232,582,657−1, which – by yet another amazing coincidence – is also the amount of money the Scripting Guy who writes this column requested as an income tax refund for the year 2007. We’ll let you know how that goes.

Avatar

Follow    

No Comments.