INFO: New Owner in Take-Ownership Operation (111541)
The information in this article applies to:
- Microsoft Win32 Application Programming Interface (API), when used with:
- the operating system: Microsoft Windows NT 3.1
- the operating system: Microsoft Windows NT 3.5
- the operating system: Microsoft Windows 2000
- the operating system: Microsoft Windows XP
This article was previously published under Q111541 SUMMARY
When ownership of a file is taken, the user performing the operation
becomes the new owner. The exception to this rule is when the user is a
member of the "Administrators" group. In this situation, the ownership of
the file is assigned to the Administrators group.
The reasoning for this behavior is that the administrators on a particular
system work together. When one administrator takes ownership of a file, the
others should also receive access.
MORE INFORMATION
When a take-ownership operation is performed, the system assigns the new
owner SID based on the TOKEN_OWNER field of the user's access token.
When a user logs on to a Windows NT system, the logon process builds an
access token to represent the user. Normally the TOKEN_OWNER field in the
access token is set equal to TOKEN_USER (the user's SID). However, when the
user is a member of the Administrators group, the system sets the
TOKEN_OWNER field to the Administrators SID.
Although Windows NT does not provide a user interface for changing the
TOKEN_OWNER field in the user's access token, it is possible to
programatically change this value via the SetTokenInformation() Win32 API
(application programming interface).
| Modification Type: | Major | Last Reviewed: | 4/12/2004 |
|---|
| Keywords: | kbinfo kbKernBase kbProgramming KbSECTools kbSecurity KB111541 |
|---|
|