"Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
news:%23pjdQ1wqFHA.3720@TK2MSFTNGP14.phx.gbl...
> Windows pretty much only allows ownership to be accepted by a user, not
> assigned to another user (see
> http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_seconceptsunown.mspx
> for relevant details). Basically, unless your target user is the account
> under which the code is running (and that user has "take ownership"
> permission on the directory), you should expect the SetOwner call to fail.
> (The one exception that I know of is that an administrator can take
> ownership on behalf of the administrators group, but that's presumably not
> relevant to your problem given that you're using accounts, not groups.)
>
>
>
>
> "Brian Kirkegaard" <bkirk@aod.aau.dk> wrote in message
> news:eZm00%23vqFHA.2540@TK2MSFTNGP09.phx.gbl...
>> I'm having a problem using DirectorySecurity.SetOwner int DotNet. I'm
>> using the following very simple code:
>>
>> DirectoryInfo dInfo = new DirectoryInfo(strFolder);
>> DirectorySecurity oDirectorySecurity =
>> dInfo.GetAccessControl(AccessControlSections.Owner);
>> oDirectorySecurity.SetOwner(new NTAccount(strUser));
>> dInfo.SetAccessControl(oDirectorySecurity);
>>
>> But th SetAccessControl throws an System.InvalidOperationException with
>> the following message:
>> "The security identifier is not allowed to be the owner of this object.".
>>
>> Any idea what the problem is and hopefully a solution?
>>
>> Thanks,
>> -Brian
>>
>
>

"Brian Kirkegaard" <bkirk@aod.aau.dk> wrote in message
news:eZm00%23vqFHA.2540@TK2MSFTNGP09.phx.gbl...
> I'm having a problem using DirectorySecurity.SetOwner int DotNet. I'm
> using the following very simple code:
>
> DirectoryInfo dInfo = new DirectoryInfo(strFolder);
> DirectorySecurity oDirectorySecurity =
> dInfo.GetAccessControl(AccessControlSections.Owner);
> oDirectorySecurity.SetOwner(new NTAccount(strUser));
> dInfo.SetAccessControl(oDirectorySecurity);
>
> But th SetAccessControl throws an System.InvalidOperationException with
> the following message:
> "The security identifier is not allowed to be the owner of this object.".
>
> Any idea what the problem is and hopefully a solution?
>
> Thanks,
> -Brian
>

"Brian Kirkegaard" <bkirk@aod.aau.dk> wrote in message
news:eADMvJxqFHA.3444@TK2MSFTNGP12.phx.gbl...
> Thanks for your reply,
>
> I forgot to say that I'm using using it on Windows Server 2003, which
> allows setting of ownership to another user than the current user
> (provided the right security rights).
>
> The setting of ownership can be done directly from the graphical
> userinterface using the "Advanced Security Settings" dialog from
> Properties/Security. I've also successfully been using the
> ADsSecurityUtility object:
>
> Set sd = sdUtil.GetSecurityDescriptor(strFolder, ADS_PATH_FILE,
> ADS_SD_FORMAT_IID )
> sd.Owner = strUser
> sdUtil.SetSecurityDescriptor strFolder, ADS_PATH_FILE, sd,
> ADS_SD_FORMAT_IID
>
> This code works quite well, but I would very much like to use the
> DirectorySecurity object!
>
> Thanks,
> -Brian
>
> "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
> news:%23pjdQ1wqFHA.3720@TK2MSFTNGP14.phx.gbl...
>> Windows pretty much only allows ownership to be accepted by a user, not
>> assigned to another user (see
>> http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_seconceptsunown.mspx
>> for relevant details). Basically, unless your target user is the account
>> under which the code is running (and that user has "take ownership"
>> permission on the directory), you should expect the SetOwner call to
>> fail. (The one exception that I know of is that an administrator can take
>> ownership on behalf of the administrators group, but that's presumably
>> not relevant to your problem given that you're using accounts, not
>> groups.)
>>
>>
>>
>>
>> "Brian Kirkegaard" <bkirk@aod.aau.dk> wrote in message
>> news:eZm00%23vqFHA.2540@TK2MSFTNGP09.phx.gbl...
>>> I'm having a problem using DirectorySecurity.SetOwner int DotNet. I'm
>>> using the following very simple code:
>>>
>>> DirectoryInfo dInfo = new DirectoryInfo(strFolder);
>>> DirectorySecurity oDirectorySecurity =
>>> dInfo.GetAccessControl(AccessControlSections.Owner);
>>> oDirectorySecurity.SetOwner(new NTAccount(strUser));
>>> dInfo.SetAccessControl(oDirectorySecurity);
>>>
>>> But th SetAccessControl throws an System.InvalidOperationException with
>>> the following message:
>>> "The security identifier is not allowed to be the owner of this
>>> object.".
>>>
>>> Any idea what the problem is and hopefully a solution?
>>>
>>> Thanks,
>>> -Brian
>>>
>>
>>
>
>

Brian Kirkegaard wrote:
> *I'm having a problem using DirectorySecurity.SetOwner int DotNet.
> I'm using
> the following very simple code:
>
> DirectoryInfo dInfo = new DirectoryInfo(strFolder);
> DirectorySecurity oDirectorySecurity =
> dInfo.GetAccessControl(AccessControlSections.Owner);
> oDirectorySecurity.SetOwner(new NTAccount(strUser));
> dInfo.SetAccessControl(oDirectorySecurity);
>
> But th SetAccessControl throws an System.InvalidOperationException
> with the
> following message:
> "The security identifier is not allowed to be the owner of this
> object.".
>
> Any idea what the problem is and hopefully a solution?
>
> Thanks,
> -Brian *