Every object has an owner, whether the object is in an NTFS volume or in Active Directory Domain Services (AD DS). The owner controls how permissions are set on the object and to whom permissions are granted.


An administrator who needs to repair or change permissions on a file must begin by taking ownership of the file.

By default, the owner is the entity that created the object. The owner can always change permissions on an object, even when the owner is denied all access to the object.

Ownership can be taken by:

Ownership can be transferred in the following ways:

Additional references