TAKEOWN Command Guide - Take Ownership of Files and Folders in Windows

The takeown command is a Windows utility that transfers ownership of files and folders to the current user or Administrators group, resolving "Access denied" errors caused by ownership restrictions. Use /F to specify the file or folder, /R for recursive operations, and /A to assign ownership to Administrators instead of the current user.

Whether you're recovering files from a crashed system profile, accessing orphaned data after user deletion, fixing permission errors on external drives, or reclaiming system files for troubleshooting, takeown provides command-line ownership transfer when standard Windows Explorer methods fail. System administrators rely on takeown for data recovery, migration scenarios, and resolving stubborn permission issues across enterprise networks.

This comprehensive guide covers takeown syntax, all parameters and switches, practical examples for common ownership scenarios, integration with icacls for complete permission management, troubleshooting tips, and frequently asked questions. By the end, you'll confidently take ownership of files and folders, understand NTFS ownership concepts, and resolve access denied errors that block file operations.

What Is the Takeown Command?

The takeown command changes file and folder ownership on NTFS volumes, transferring ownership from the current owner to a specified user or group. In Windows, ownership is a fundamental NTFS security component that grants implicit rights to control permissions, even when explicit permissions deny access.

Ownership becomes critical in several scenarios:

• User profile migration – Old user accounts own files; new users cannot access them
• System recovery – Accessing files owned by deleted users or corrupted accounts
• External drive data recovery – Files owned by accounts from other systems
• Malware cleanup – Malicious software creates files owned by SYSTEM or restricted accounts
• Administrative troubleshooting – System files require ownership change before modification
• Inherited permissions – Breaking inheritance and reassigning ownership for organizational restructuring

Introduced in Windows Vista and Windows Server 2008, takeown replaced the older cacls utility for ownership operations. It works exclusively on NTFS file systems (not FAT32 or exFAT) and requires administrator privileges for most operations.

Key concept: Ownership ≠ permissions. Taking ownership grants the right to modify permissions but doesn't automatically grant file access. You typically follow takeown with icacls to grant actual read/write permissions after changing ownership.

Takeown Command Syntax

The basic syntax for the takeown command is:

takeown /F filename [/A] [/R] [/D prompt] [/SKIPSL]

Parameters and Switches

Parameter	Description
/F filename	Specifies the file or folder path (required). Use wildcards * and ? for pattern matching. Enclose paths with spaces in double quotes.
/A	Assigns ownership to the Administrators group instead of the current user. Useful for shared administration or when current user may be deleted later.
/R	Performs recursive operation on all files and subdirectories. Essential for taking ownership of entire directory trees.
/D prompt	Default answer when current user lacks "list folder" permissions on directories. Y = take ownership, N = skip. Use /D Y for unattended scripts.
/SKIPSL	Skip symbolic links (do not follow symlinks). Default behavior follows symbolic links and takes ownership of targets. Use /SKIPSL to take ownership of the link itself.

Important Notes

• Administrator rights required: Takeown must run in elevated Command Prompt (Run as Administrator) for most operations.
• NTFS only: Works exclusively on NTFS volumes. FAT32 and exFAT lack ownership concepts.
• No undo: Ownership changes are immediate and cannot be undone with takeown. Document original ownership if restoration is required.
• Combine with icacls: Ownership alone doesn't grant access. Use icacls after takeown to assign permissions.

Understanding Windows File Ownership

Ownership Hierarchy

Windows NTFS ownership follows these principles:

1. Creator Owner: User who creates a file automatically becomes the owner
2. Administrators Override: Administrators can take ownership of any file, even without explicit permissions
3. Ownership Rights: Owners always have WRITE_DAC right (modify permissions), even if other permissions are denied
4. Orphaned Ownership: If the owning account is deleted, the file shows an SID (Security Identifier) instead of username

When You Need Takeown

Standard Windows methods for changing ownership (Properties → Security → Advanced → Owner → Change) fail when:

• No permissions to access file: "Access denied" prevents opening Properties dialog
• Ownership by deleted user: GUI shows SID string instead of username
• Bulk operations: Need to change ownership on thousands of files
• Remote administration: Command-line scripting across network shares
• Boot-blocking files: System files preventing Windows boot or updates

Practical Takeown Command Examples

Take Ownership of a Single File

Transfer ownership of a single file to the current user:

takeown /F C:\Data\document.docx

Output: SUCCESS: The file (or folder): "C:\Data\document.docx" now owned by user "DESKTOP-PC\Admin".

After taking ownership, grant permissions:

icacls C:\Data\document.docx /grant Admin:F

This gives full control to the Admin user. Replace Admin with your username.

Take Ownership of a Folder and All Contents

Recursively take ownership of an entire directory tree:

takeown /F C:\OldUserProfile /R /D Y

The /R parameter processes all subdirectories and files. /D Y automatically answers "Yes" to prompts when lacking list folder permissions, ensuring unattended operation.

Use case: Migrating user profile data after account deletion or system rebuild.

Assign Ownership to Administrators Group

Transfer ownership to the Administrators group instead of current user:

takeown /F C:\ProgramData\SensitiveData /A /R /D Y

The /A parameter assigns ownership to the built-in Administrators group. This is preferred in enterprise environments where multiple administrators manage systems, ensuring ownership isn't tied to a single user account.

Enterprise benefit: When the original administrator leaves, new administrators still have ownership rights without needing to re-run takeown.

Take Ownership of System Files for Troubleshooting

Some system files require ownership change before modification:

takeown /F C:\Windows\System32\drivers\etc\hosts /A

After taking ownership, grant permissions:

icacls C:\Windows\System32\drivers\etc\hosts /grant Administrators:F

Edit the file in Notepad with administrator privileges. Critical: Restore original ownership and permissions after editing to maintain system integrity.

Take Ownership of Files with Wildcards

Use wildcards to take ownership of multiple files matching a pattern:

takeown /F C:\Logs\*.log /A

This transfers ownership of all .log files in C:\Logs to Administrators. Combine with /R to include subdirectories:

takeown /F C:\Logs\*.log /R /A /D Y

Automation use case: Batch process log files from multiple applications for centralized archival or deletion.

Recover Files from External Drive

External drives from other computers may have files owned by unknown SIDs:

takeown /F E:\ /R /D Y

This takes ownership of all files and folders on drive E:. Follow with icacls to grant full access:

icacls E:\ /grant %username%:F /T

The /T parameter in icacls is equivalent to takeown's /R (recursive). %username% is an environment variable representing the current logged-in user.

Data recovery scenario: Hard drive from crashed computer connected via USB—ownership by old system account prevents access.

Take Ownership and Grant Permissions (Complete Workflow)

For complete access, combine takeown with icacls:

takeown /F C:\RestrictedFolder /R /A /D Y
icacls C:\RestrictedFolder /grant Administrators:F /T

Step-by-step:

1. takeown changes ownership to Administrators group recursively
2. icacls /grant grants Full Control permissions to Administrators
3. /T applies permissions recursively to match takeown's /R

Now Administrators have complete access to read, modify, delete, and change permissions.

Take Ownership Without Following Symbolic Links

Skip symbolic links to take ownership of the link itself, not the target:

takeown /F C:\LinkFolder /R /SKIPSL

Useful when symbolic links point to system directories you don't want to modify. Default behavior follows symlinks and takes ownership of the actual target files, which can have unintended consequences.

Take Ownership of Protected Registry Files

While takeown primarily targets NTFS files, it can prepare registry hive files for offline editing:

takeown /F C:\Windows\System32\config\SOFTWARE /A
icacls C:\Windows\System32\config\SOFTWARE /grant Administrators:F

Critical: Only perform on offline registry hives (boot from recovery media) or shadow copies. Modifying active registry hives causes system instability.

Batch Script for Complete Access

Create a batch script to take ownership and grant full permissions in one operation:

@echo off
set TARGET=%1
takeown /F "%TARGET%" /R /A /D Y
icacls "%TARGET%" /grant Administrators:F /T
echo Ownership transferred and permissions granted for: %TARGET%
pause

Save as TakeFullControl.bat. Usage: TakeFullControl.bat C:\FolderPath

Enterprise deployment: Package in startup scripts or remote management tools for bulk permission fixes.

Common Use Cases for the Takeown Command

1. User account migration after employee departure – Transfer ownership of departed employee's files to IT administrators for audit, archival, or redistribution. Prevents data loss when accounts are deleted per security policy.

2. Access files from crashed system profiles – When Windows creates a temporary profile due to corruption, original profile files are owned by the old (now inaccessible) account. Takeown reclaims ownership for data recovery.

3. Fix "Access Denied" on external drives – USB drives or external hard drives from other computers contain files owned by accounts from different systems. Takeown allows access to files showing unknown SID ownership.

4. Malware cleanup and system file restoration – Malicious software sometimes changes ownership of system files to SYSTEM or restricted accounts, preventing removal. Takeown restores administrative control for cleanup.

5. Remove stubborn files and folders – Some applications or corrupted installations create files that resist deletion due to ownership restrictions. Takeown enables deletion of these orphaned files.

6. System administration and troubleshooting – Modifying protected system files (hosts file, driver files, system DLLs) for legitimate troubleshooting requires ownership change before editing.

7. Inherited permissions causing access issues – In complex permission hierarchies, inherited ownership from parent folders may block access. Takeown breaks inheritance and establishes new ownership for fresh permission assignment.

8. Data recovery from formatted drives or shadow copies – Recovered files from Volume Shadow Copies or undelete utilities may have ownership by VSS service account or SYSTEM. Takeown reassigns ownership for user access.

9. Network share permission restructuring – During organizational changes, file server shares may require bulk ownership transfer from old departments to new ones. Takeown automates this at scale.

10. Forensic analysis and e-discovery – Legal or security investigations require access to user files regardless of permissions. Takeown ensures forensic teams can access evidence without file modification denial.

11. Automated backup and archival workflows – Backup scripts may encounter access denied errors on user-owned files. Takeown in pre-backup scripts ensures complete file access for comprehensive backups.

12. Virtual machine or container ownership issues – Files created by VM guest agents or containerized applications may have ownership by service accounts. Takeown reassigns ownership for host system access.

Tips and Best Practices

1. Always run as Administrator – Takeown requires elevated privileges for most operations. Right-click Command Prompt and select "Run as administrator" before executing takeown commands.

2. Document original ownership before changes – Use icacls filename /save aclfile to backup permissions before taking ownership. Restore with icacls /restore aclfile if needed.

3. Use /A for shared administration – Assign ownership to Administrators group instead of current user to ensure continuity when administrators change. Individual user ownership complicates future administrative access.

4. Combine takeown with icacls for complete access – Ownership alone doesn't grant file access. Always follow takeown with icacls /grant to assign appropriate permissions.

5. Test on non-critical data first – Practice takeown on test folders before applying to production data. Incorrect usage can complicate permission structures rather than fix them.

6. Use /D Y for unattended scripts – In automated scripts, /D Y prevents prompts that would halt execution. Critical for scheduled tasks or remote deployment scripts.

7. Quote paths with spaces – Always enclose file paths containing spaces in double quotes: takeown /F "C:\My Documents\File.txt".

8. Verify results after execution – Check ownership in File Explorer (Properties → Security → Advanced → Owner) or with icacls filename to confirm successful ownership transfer.

9. Avoid taking ownership of entire system drives – Never run takeown /F C:\ /R on system drives. This breaks Windows security model and causes system instability, update failures, and application errors.

10. Understand NTFS vs. share permissions – Takeown changes NTFS file permissions only. Network share permissions are separate and configured via share properties or net share commands.

11. Use PowerShell for complex scenarios – For conditional ownership changes or advanced filtering, PowerShell's Get-Acl and Set-Acl cmdlets offer more flexibility than takeown.

12. Restore system file ownership after troubleshooting – When modifying system files, note original ownership (typically TrustedInstaller) and restore it after edits to maintain Windows Resource Protection.

Troubleshooting Common Issues

"Access is Denied" Error Despite Administrator Rights

Problem: Takeown fails with "Access is denied" even when running as Administrator.

Cause: Windows Resource Protection prevents ownership changes on critical system files, file is in use by another process, or User Account Control (UAC) is blocking the operation.

Solution:

• Boot into Safe Mode for system files protected by Windows Resource Protection
• Use net stop trustedinstaller to temporarily disable TrustedInstaller service (not recommended except for critical troubleshooting)
• Close all applications that might have the file open (check with Resource Monitor)
• For files owned by TrustedInstaller, use takeown /F filename /A followed by icacls filename /grant Administrators:F

Prevention: Research whether the file is protected by Windows Resource Protection before attempting modification. Many WRP-protected files should not be changed.

"You Do Not Have Permission to Read the Contents of This Directory"

Problem: Takeown with /R prompts "You do not have permission to read the contents" and skips directories.

Cause: Current user lacks "List Folder Contents" permission on subdirectories. Without this permission, takeown cannot enumerate contents for recursive operations.

Solution:

• Use /D Y parameter to automatically answer "Yes" to prompts: takeown /F path /R /D Y
• This forces takeown to take ownership even without read permissions
• After taking ownership, run icacls to grant read permissions: icacls path /grant Administrators:F /T

Prevention: Always include /D Y in recursive takeown commands for unattended operation.

"Invalid Parameter /F" Error

Problem: Takeown reports "Invalid parameter" for the /F switch.

Cause: Missing or malformed file path, typo in parameter syntax, or missing quotation marks around paths with spaces.

Solution:

• Verify /F is uppercase (parameters are case-insensitive but good practice)
• Enclose paths with spaces in double quotes: /F "C:\My Folder\File.txt"
• Check for typos in the path—use Tab completion to auto-complete
• Ensure the file or folder actually exists: dir "C:\Path" to verify

Prevention: Copy and paste paths from File Explorer or use Tab completion in Command Prompt to avoid typos.

Ownership Changed But Still Cannot Access File

Problem: Takeown succeeds but "Access denied" persists when opening the file.

Cause: Ownership doesn't automatically grant permissions. You own the file but haven't granted yourself read/write access.

Solution: After takeown, grant explicit permissions:

takeown /F C:\Data\file.txt /A
icacls C:\Data\file.txt /grant Administrators:F

Full workflow:

1. Take ownership with takeown
2. Grant Full Control with icacls
3. Verify access by opening the file

Prevention: Always pair takeown commands with icacls permission grants in scripts and documentation.

"The Process Cannot Access the File Because It Is Being Used by Another Process"

Problem: Takeown fails because the target file is locked by a running application or service.

Cause: File is currently open in an application, locked by a service, or accessed by a background process (antivirus, backup, indexing).

Solution:

• Close all applications that might have the file open
• Use Resource Monitor (resmon.exe → CPU tab → Associated Handles) to identify which process has the file open
• Use taskkill /F /IM process.exe to forcefully terminate the locking process (use caution)
• Boot into Safe Mode to take ownership of files locked by services or drivers
• For system files, disable relevant services temporarily

Prevention: Before running takeown on files likely to be in use, close applications and stop relevant services.

Takeown Works But Cannot Delete Folder

Problem: After taking ownership, folder still cannot be deleted with "Access denied" or "Directory not empty" errors.

Cause: Subdirectories or hidden files still have restrictive permissions, or Windows Explorer has the folder open (background thumbnail generation, indexing).

Solution:

takeown /F C:\FolderPath /R /A /D Y
icacls C:\FolderPath /grant Administrators:F /T
attrib -h -s C:\FolderPath\*.* /S /D
rd /S /Q C:\FolderPath

This workflow:

1. Takes ownership recursively
2. Grants full permissions recursively
3. Unhides all files and removes system attribute
4. Force-deletes with rd /S /Q

Prevention: Close all File Explorer windows viewing the target folder before deletion attempts.

Related Commands

icacls – NTFS Permissions Management

icacls (Integrity Control Access Control List) is the modern Windows utility for managing NTFS permissions. While takeown changes ownership, icacls controls read, write, execute, modify, and full control permissions.

Takeown + icacls workflow:

1. takeown /F path /A /R /D Y – Take ownership
2. icacls path /grant Administrators:F /T – Grant full control
3. Access or modify files as needed
4. (Optional) icacls path /setowner "NT SERVICE\TrustedInstaller" /T – Restore original owner

When to use icacls: After every takeown operation to actually grant file access. Icacls also handles permission inheritance, auditing settings, and granular permission assignment.

attrib – File Attributes

attrib manages file attributes (hidden, system, read-only, archive). Sometimes files resist takeown or deletion due to system or hidden attributes, not just ownership.

Combined workflow for stubborn files:

attrib -h -s -r C:\File.txt
takeown /F C:\File.txt /A
icacls C:\File.txt /grant Administrators:F
del C:\File.txt

Advantage: Clearing system and hidden attributes before takeown ensures no attribute-based protection blocks ownership change.

cacls – Legacy Permissions Tool

cacls is the deprecated predecessor to icacls, still available for backward compatibility. Displays and modifies file ACLs (Access Control Lists). Replaced by icacls in Windows Vista and later.

Migration: Replace cacls commands in old scripts with icacls equivalents for continued support and better functionality.

SubInACL – Advanced Ownership Tool

SubInACL is a Microsoft utility (separate download) that changes ownership of files, registry keys, and services with more granular control than takeown. Useful for bulk operations with complex filtering.

When to use SubInACL: Enterprise deployments requiring ownership changes on specific file types, registry subtrees, or services. Supports filtering by owner, age, attributes, and more.

Download: Microsoft's website (free utility). More complex syntax than takeown but powerful for large-scale automation.

PowerShell Get-Acl and Set-Acl

PowerShell's ACL cmdlets provide object-oriented permission and ownership management with rich filtering, conditional logic, and pipeline integration.

Example—take ownership with PowerShell:

$acl = Get-Acl C:\File.txt
$acl.SetOwner([System.Security.Principal.NTAccount]"Administrators")
Set-Acl C:\File.txt $acl

Advantage: PowerShell offers better error handling, logging, conditional processing, and integration with other management tasks compared to takeown.

Recommendation: Use takeown for quick command-line fixes; use PowerShell for complex automation requiring conditional logic or extensive logging.

robocopy with Security Options

robocopy (Robust File Copy) preserves or strips security attributes during file copies. Use /SEC to copy security (including ownership) or /DCOPY:T to copy directory timestamps without permissions.

Integration with takeown: Use robocopy to backup files before taking ownership, preserving original permissions for potential restoration: robocopy C:\Source C:\Backup /SEC /COPYALL.

Frequently Asked Questions

What does the takeown command do?

The takeown command transfers file and folder ownership on NTFS volumes to the current user or Administrators group. It resolves "Access denied" errors caused by ownership restrictions, allowing administrators to access files owned by deleted users, system accounts, or unknown SIDs. Takeown requires administrator privileges and is typically paired with icacls to grant actual permissions after changing ownership.

How do I take ownership of a folder and all subfolders?

Use takeown /F C:\FolderPath /R /A /D Y to recursively take ownership of a folder and all contents. The /R parameter processes subdirectories, /A assigns ownership to Administrators group, and /D Y automatically answers prompts. Follow with icacls C:\FolderPath /grant Administrators:F /T to grant full permissions recursively.

What is the difference between takeown and icacls?

Takeown changes file ownership (who owns the file), while icacls manages NTFS permissions (who can read, write, modify, or delete the file). Ownership grants the right to change permissions but doesn't automatically grant access. Use takeown first to establish ownership, then use icacls to grant appropriate permissions for actual file access.

Why do I still get "Access Denied" after using takeown?

Ownership alone doesn't grant file access—it only grants the right to modify permissions. After running takeown, use icacls to grant explicit permissions: icacls filename /grant Administrators:F. This gives Full Control to Administrators. Ownership + permissions = complete access.

Can I undo takeown changes?

Takeown has no built-in undo functionality. To restore original ownership, you must manually reassign it using icacls: icacls filename /setowner "DOMAIN\OriginalOwner". Backup ownership and permissions before changes using icacls filename /save aclbackup.acl, then restore with icacls /restore aclbackup.acl if needed.

Do I need administrator rights to use takeown?

Yes, takeown requires elevated administrator privileges for most operations. Run Command Prompt as Administrator (right-click, "Run as administrator") before executing takeown commands. Standard users cannot take ownership of files owned by other users or system accounts.

What does takeown /A do?

/A assigns ownership to the Administrators group instead of the current user. This is preferred in enterprise environments where multiple administrators manage systems, ensuring ownership isn't tied to a single account. When the original admin leaves, new admins still have ownership rights without re-running takeown.

Can takeown work on network drives?

Yes, takeown works on UNC network paths (\\server\share\file.txt) and mapped network drives, provided you have administrator credentials on the remote system and the share allows administrative access. Network ownership changes require appropriate domain permissions and may be restricted by share-level permissions.

How do I take ownership of system files protected by Windows?

Some critical system files are protected by Windows Resource Protection (WRP). To take ownership:

1. Boot into Safe Mode or use recovery environment
2. Run takeown /F filename /A
3. Grant permissions: icacls filename /grant Administrators:F
4. Modify the file as needed
5. Restore original ownership: icacls filename /setowner "NT SERVICE\TrustedInstaller"

Warning: Modifying WRP-protected files can cause system instability. Only proceed if absolutely necessary.

What is the /SKIPSL parameter for?

/SKIPSL tells takeown to skip symbolic links (symlinks) instead of following them to their targets. Default behavior follows symlinks and takes ownership of the actual target files. Use /SKIPSL when you want to take ownership of the link itself, not the destination, or to avoid unintended ownership changes on system directories referenced by symlinks.

Can I use wildcards with takeown?

Yes, takeown supports * (multiple characters) and ? (single character) wildcards: takeown /F C:\Logs\*.log /A takes ownership of all .log files in the Logs folder. Combine with /R to include subdirectories: takeown /F C:\Data\*.docx /R /A /D Y.

Why does takeown prompt for each folder with /R?

Without /D Y, takeown prompts when it encounters directories where the current user lacks "List Folder Contents" permission. The prompt asks whether to take ownership anyway. Use /D Y to automatically answer "Yes" and enable unattended operation in scripts: takeown /F path /R /D Y.

Quick Reference Card

Command	Purpose	Example Use Case
takeown /F file.txt	Take ownership of single file	Fix access denied on document
takeown /F folder /R /D Y	Take ownership recursively	Recover user profile data
takeown /F path /A	Assign to Administrators group	Shared administration
takeown /F E:\ /R /D Y	Take ownership of entire drive	External drive data recovery
takeown /F file /A + icacls file /grant Administrators:F	Complete access workflow	Full ownership + permissions
takeown /F *.log /A	Take ownership with wildcards	Bulk log file processing
takeown /F folder /R /SKIPSL	Skip symbolic links	Avoid unintended system changes
icacls file /save backup.acl	Backup permissions before takeown	Permission restoration
icacls /restore backup.acl	Restore original permissions	Undo permission changes
icacls file /setowner "User"	Manually set owner	Restore original ownership

Try the Takeown Command in Our Simulator

Practice the takeown command safely in our Windows Command Simulator. Run takeown /F file.txt, test recursive operations with /R, and learn ownership management workflows in your browser without affecting your actual system. Perfect for training, understanding NTFS permissions, or demonstrating administrative techniques.

Visit the Commands Reference for a full list of supported Windows CMD commands, including file management, permissions, and system administration utilities.

Summary

The takeown command is essential for resolving "Access denied" errors caused by NTFS ownership restrictions. Use /F to specify the target file or folder, /R for recursive operations across subdirectories, /A to assign ownership to the Administrators group, and /D Y for unattended script execution without prompts.

Always pair takeown with icacls to grant actual file permissions after changing ownership. Ownership grants the right to modify permissions but doesn't automatically provide read/write access. Complete workflow: takeown /F path /A /R /D Y followed by icacls path /grant Administrators:F /T.

Master takeown for data recovery scenarios (accessing files from deleted users or external drives), system administration (modifying protected system files), malware cleanup (reclaiming ownership of infected files), and enterprise management (bulk ownership transfer during organizational changes).

Remember to backup original ownership and permissions before changes using icacls /save, test on non-critical data first, and avoid taking ownership of entire system drives. For advanced automation, consider PowerShell's ACL cmdlets which offer richer functionality and better error handling than takeown for complex scenarios.