The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

.NET Buzz Forum
Developing Non-Admin: File Ownership on Windows Server 2003

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
Peter G Provost

Posts: 849
Nickname: pprovost
Registered: Aug, 2003

Peter G Provost is a Solution Architect for Interlink Group in Denver, CO.
Developing Non-Admin: File Ownership on Windows Server 2003 Posted: Dec 27, 2004 5:00 PM
Reply to this message Reply

This post originated from an RSS feed registered with .NET Buzz by Peter G Provost.
Original Post: Developing Non-Admin: File Ownership on Windows Server 2003
Feed Title: Peter Provost's Geek Noise
Feed URL: /error.aspx?aspxerrorpath=/Rss.aspx
Feed Description: Technology news, development articles, Microsoft .NET, and other stuff... 		Latest .NET Buzz Posts
Latest .NET Buzz Posts by Peter G Provost
Latest Posts From Peter Provost's Geek Noise

Advertisement

So that I don't lose this later, and so it will help others out who run into this...

When you are developing non-admin, you will probabky end up using something like Aaron Margosis' MakeMeAdmin tool to elevate your privileges when you need to do admin-like things.

The problem comes when you are doing something in an admin context that creates files. In Windows XP, when you created a file as a member of the Administrators group, the file was owned by you. In Server 2003, it is owned by the Administrators group. Apparently this was to make it easier for multiple system adminstrators to work on a system. Each of them, by just being a member of the right group, gets ownership of all the files created by other admins. Makes sense.

But when you are developing, you may not want this behavior. Suppose for example that you perform a build of your application from a MakeMeAdmin boosted context. When the compiler is doing its dirty work, all those files in obj/ and bin/ will be owned by the Administrators group. If you later try to do a compile of the same project as a non-admin, it may fail because you may not have the rights to delete an administrator's file. Oops. Keith Brown talks about this in Item 41 in his book.

Now for the fix (similar to the one described at the end of MSKB 318825):

  1. Use MakeMeAdmin or logon as the local machine administrator
  2. Launch gpedit.msc, the group policy editor.
  3. Navigate to Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options in the tree
  4. Double click on System objects: Default owner for objects created by members of the Administrators group.
  5. Change the value to Object creator.

Reboot and you're golden.

Note: You may have to use MakeMeAdmin to fix any files that were previously created.

Now playing: Bob Marley & The Wailers - Easy Skanking

Read: Developing Non-Admin: File Ownership on Windows Server 2003

Topic: Tis the Season to Download Previous Topic   Next Topic Topic: Not dead
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use