Page 1 of 1 1
Topic Options
#175648 - 2007-04-25 06:27 AM Take Ownership
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
Hi guys
I have bit complicated issue, Our user accounts are created by a privileged user, hence the owner ship of all accounts are in his name, I want to remove his ownership and replace with domain admin ownership, doing one by one 2 5000 accounts is pain...

please suggest any short cut.
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#175649 - 2007-04-25 06:35 AM Re: Take Ownership [Re: Saleem]
Witto Offline
MM club member
*****

Registered: 2004-09-29
Posts: 1828
Loc: Belgium
I do not get your question totally, but if it is about taking ownership of files, maybe this can help:
Hey, Scripting Guy! How Can I Take Ownership of a File or Folder By Using a Script?

Top
#175650 - 2007-04-25 07:08 AM Re: Take Ownership [Re: Witto]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
No! this is about taking ownership of user accounts from active directory...
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#175659 - 2007-04-25 11:25 AM Re: Take Ownership [Re: Saleem]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
I got som hints

I can read the owner value now

$objuser=getobject("LDAP://CN=Jan Smith,OU=Accounts,DC=fabrican,DC=com")

? $objuser.samaccountname+ ";" + $objuser.ntSecurityDescriptor.owner

and this is the VB script for changing folder ownership:

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFolders = objWMIService.ExecQuery _
("Select * From Win32_Directory Where Name = 'C:\\Scripts'")

For Each objFolder in colFolders
objFolder.TakeOwnershipEx
Next

Can I user it for user account also ??
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#175924 - 2007-05-03 09:51 AM Re: Take Ownership [Re: Saleem]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
Any help can I expect ?
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#175925 - 2007-05-03 10:45 AM Re: Take Ownership [Re: Saleem]
Witto Offline
MM club member
*****

Registered: 2004-09-29
Posts: 1828
Loc: Belgium
Most probably, the vbscript can be converted.
Quick try (I did not test it).
 Code:
$strComputer = "."

$objWMIService = GetObject("winmgmts:\\" + $strComputer + "\root\cimv2")
$colFolders = $objWMIService.ExecQuery("Select * From Win32_Directory Where Name = 'C:\\Scripts'")

For Each $objFolder In $colFolders
	$objFolder.TakeOwnershipEx
Next

But maybe SubInAcl can also help?
I read in an other forum that it is much faster than a script
SubInACL (SubInACL.exe)
ScriptingAnswers.com Forums Archive - take ownership

Top
#175928 - 2007-05-03 01:57 PM Re: Take Ownership [Re: Witto]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
Can I use for user instead of Computer if I get the object of a User ??

I want to change the owner ship to "Domain/Admin"

Can I do it ??
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#175937 - 2007-05-03 06:26 PM Re: Take Ownership [Re: Saleem]
Witto Offline
MM club member
*****

Registered: 2004-09-29
Posts: 1828
Loc: Belgium
Sorry, did not have to change permissions on a user object yet. I would have to study this first carefully...
Top
#175943 - 2007-05-03 09:53 PM Re: Take Ownership [Re: Witto]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
Thanx Witto...

this issue is still burning in my head
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#176018 - 2007-05-06 12:07 PM Re: Take Ownership [Re: Saleem]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
Any good news guys ??
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#176019 - 2007-05-06 01:15 PM Re: Take Ownership [Re: Saleem]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
the wmi script above most likely doesn't work.
wmi is for controlling machine and what you need is something that pokes AD.

_________________________
!

download KiXnet

Top
#176020 - 2007-05-06 01:53 PM Re: Take Ownership [Re: Lonkero]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
True
I wana chenge ownership of user Account. Please help guys....
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#176024 - 2007-05-06 08:41 PM Re: Take Ownership [Re: Saleem]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
hmm...
http://msdn2.microsoft.com/en-us/library/aa706128.aspx

not sure if you can do it with kixtart though.
_________________________
!

download KiXnet

Top
#176027 - 2007-05-07 09:30 AM Re: Take Ownership [Re: Lonkero]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
I tried Jooel

it is not working
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#176028 - 2007-05-07 10:10 AM Re: Take Ownership [Re: Saleem]
Arend_ Moderator Offline
MM club member
*****

Registered: 2005-01-17
Posts: 1894
Loc: Hilversum, The Netherlands
This can be used to obtain the owner information. Setting the owner information is a bit more difficult to say the least \:\)
 Code:
Dim $ou, $sd
$ou = GetObject("LDAP://OU=SomeOuName,DC=YourOrg,DC=Com")
$sd = $ou.Get("ntSecurityDescriptor")
? $sd.Owner

Top
#176029 - 2007-05-07 10:16 AM Re: Take Ownership [Re: Arend_]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
Hi apronk

Thanx for your help, I reached that stage allready...

I tried this one also

$objuser.ntSecurityDescriptor.owner = "DOMAIN\Administrators"
$objuser.setinfo

But no use...
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#176030 - 2007-05-07 10:28 AM Re: Take Ownership [Re: Saleem]
Arend_ Moderator Offline
MM club member
*****

Registered: 2005-01-17
Posts: 1894
Loc: Hilversum, The Netherlands
Then here you go \:\)
 Code:
Dim $ou, $sd
$ou = GetObject("LDAP://CN=TestUser,OU=TestOU,DC=YourDomainName,DC=local")
$sd = $ou.Get("ntSecurityDescriptor")
? $sd.Owner

$sd.Owner = "YourDomainName\YourNewuser"
$ou.Put("ntSecurityDescriptor", $sd)
$ou.SetInfo
? @Error

Top
#176032 - 2007-05-07 12:20 PM Re: Take Ownership [Re: Arend_]
Saleem Offline
Hey THIS is FUN
*

Registered: 2001-04-11
Posts: 280
Loc: UAE
Masha Allah \:D

Thanx Man..........

It's working.... u guys really rocks
_________________________
“I’ll not change you unless you don’t have intention to change yourself” --H:Quran

Top
#176042 - 2007-05-07 03:52 PM Re: Take Ownership [Re: Saleem]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
right.
so it did work.


I expect to see udf out of this ;\)
_________________________
!

download KiXnet

Top
#176049 - 2007-05-07 05:20 PM Re: Take Ownership [Re: Lonkero]
Arend_ Moderator Offline
MM club member
*****

Registered: 2005-01-17
Posts: 1894
Loc: Hilversum, The Netherlands
 Originally Posted By: Jooel
right.
so it did work.


I expect to see udf out of this ;\)


Already done ;\)

Also one could also use this tactic when creating a user. So that one doesn't have to change it lateron.

Top
Page 1 of 1 1


Moderator:  Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 248 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.074 seconds in which 0.027 seconds were spent on a total of 14 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org