problem setting file owner

Topics: Developer Forum, User Forum
Oct 27, 2011 at 5:16 PM

Hi all

I'm tearing my hair out here!  I'm trying to create a user home directory on a filer share and set the ownership to the user.  I seem to have all the correct permissions thanks to your set-privilege command (thanks) but it STILL won't work.  Any idea what might be wrong?  -

 

> whoami /priv

PRIVILEGES INFORMATION
----------------------

Privilege Name                  Description
               State
=============================== ================================================
============== ========
SeIncreaseQuotaPrivilege        Adjust memory quotas for a process
               Disabled
SeMachineAccountPrivilege       Add workstations to domain
               Disabled
SeSecurityPrivilege             Manage auditing and security log
               Enabled
SeTakeOwnershipPrivilege        Take ownership of files or other objects
               Disabled
SeLoadDriverPrivilege           Load and unload device drivers
               Disabled
SeSystemProfilePrivilege        Profile system performance
               Disabled
SeSystemtimePrivilege           Change the system time
               Disabled
SeProfileSingleProcessPrivilege Profile single process
               Disabled
SeIncreaseBasePriorityPrivilege Increase scheduling priority
               Disabled
SeCreatePagefilePrivilege       Create a pagefile
               Disabled
SeBackupPrivilege               Back up files and directories
               Enabled
SeRestorePrivilege              Restore files and directories
               Enabled
SeShutdownPrivilege             Shut down the system
               Disabled
SeDebugPrivilege                Debug programs
               Enabled
SeSystemEnvironmentPrivilege    Modify firmware environment values
               Disabled
SeChangeNotifyPrivilege         Bypass traverse checking
               Enabled
SeRemoteShutdownPrivilege       Force shutdown from a remote system
               Disabled
SeUndockPrivilege               Remove computer from docking station
               Disabled
SeEnableDelegationPrivilege     Enable computer and user accounts to be trusted
for delegation Disabled
SeManageVolumePrivilege         Perform volume maintenance tasks
               Disabled
SeImpersonatePrivilege          Impersonate a client after authentication
               Enabled
SeCreateGlobalPrivilege         Create global objects
               Enabled
SeIncreaseWorkingSetPrivilege   Increase a process working set
               Disabled
SeTimeZonePrivilege             Change the time zone
               Disabled
SeCreateSymbolicLinkPrivilege   Create symbolic links
               Disabled

PS > $var=get-item \\filer\home$\userdatatest\dummya
PS > $acl=$var.GetAccessControl()
PS > [System.Security.Principal.NTAccount]$newOwner="mydom\dummya"
PS > $acl.SetOwner($NewOwner)
PS > $var.SetAccessControl($acl)
Exception calling "SetAccessControl" with "1" argument(s): "The security identifier is not allowed to be the owner of this object."
At line:1 char:22
+ $var.SetAccessControl <<<< ($acl)
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException