Fixing “Unable to Display Current Owner” Access Denied Error on Windows NTFS Files


3 views

This is one of those Windows file system quirks that can drive even experienced admins crazy. When a user extracts files from certain zip archives (particularly those created with non-standard tools or downloaded from questionable sources), the NTFS permissions can get corrupted in ways that make the file completely inaccessible - even to local administrators.

The "Unable to display current owner" message combined with "Access Denied" typically indicates one of these scenarios:

  • The file's security descriptor is corrupted
  • The SID (Security Identifier) in the ACL points to a non-existent user/group
  • There's a mismatch between the file's owner and the permissions inheritance

Before resorting to third-party tools, try these in an elevated command prompt:

First attempt resetting permissions:

icacls "C:\path\to\file" /reset /T /C /Q

If that fails, force ownership takeover:

takeown /F "C:\path\to\file" /A /R /D Y
icacls "C:\path\to\file" /grant Administrators:F /T /C /Q

For stubborn cases, we'll need to use PowerShell to completely strip and rebuild the security descriptor:

$path = "C:\path\to\file"
$acl = Get-Acl $path
$newOwner = [System.Security.Principal.NTAccount]"Administrators"
$acl.SetOwner($newOwner)
Set-Acl -Path $path -AclObject $acl
$acl.SetAccessRuleProtection($false, $false)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Everyone","FullControl","Allow")
$acl.AddAccessRule($rule)
Set-Acl -Path $path -AclObject $acl
Remove-Item -Force $path

To avoid this headache in the future:

  • Always download zips from trusted sources
  • Consider using 7-Zip instead of Windows built-in extraction
  • For sensitive systems, implement a group policy to automatically reset permissions on downloaded files

Recently, I encountered a frustrating issue where a user with local admin rights on Windows 7 64-bit couldn't access a file extracted from a ZIP archive. The system showed "Unable to display current owner" when attempting to check permissions, and all operations (delete, execute, modify) failed with "Access is Denied".

This typically occurs when:

  • The file's security descriptor becomes corrupted
  • Ownership information gets lost during extraction
  • There's a mismatch between the file's ACL and the system's security database

First, try taking ownership via command prompt (run as Administrator):

takeown /f "C:\path\to\file" /d y
icacls "C:\path\to\file" /grant administrators:F

If that fails, we need to go deeper with PowerShell:

$path = "C:\path\to\file"
$acl = Get-Acl $path
$admin = [System.Security.Principal.NTAccount]"Administrators"
$acl.SetOwner($admin)
Set-Acl -Path $path -AclObject $acl
Remove-Item -Force $path

When standard methods fail, we can modify the registry to force ownership:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\Take Ownership\command]
@="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F"

For stubborn files, schedule a boot-time operation:

schtasks /create /tn "DeleteFile" /tr "cmd /c del /f /q \"C:\path\to\file\"" /sc onstart /ru SYSTEM

To avoid this issue in the future:

  • Always extract files to temporary directories first
  • Use 7-Zip instead of built-in Windows compression
  • Regularly check disk integrity with chkdsk /f