Fixing “Unable to Display Current Owner” Access Denied Error on Windows NTFS Files


12 views

This is one of those Windows file system quirks that can drive even experienced admins crazy. When a user extracts files from certain zip archives (particularly those created with non-standard tools or downloaded from questionable sources), the NTFS permissions can get corrupted in ways that make the file completely inaccessible - even to local administrators.

The "Unable to display current owner" message combined with "Access Denied" typically indicates one of these scenarios:

  • The file's security descriptor is corrupted
  • The SID (Security Identifier) in the ACL points to a non-existent user/group
  • There's a mismatch between the file's owner and the permissions inheritance

Before resorting to third-party tools, try these in an elevated command prompt:

First attempt resetting permissions:

icacls "C:\path\to\file" /reset /T /C /Q

If that fails, force ownership takeover:

takeown /F "C:\path\to\file" /A /R /D Y
icacls "C:\path\to\file" /grant Administrators:F /T /C /Q

For stubborn cases, we'll need to use PowerShell to completely strip and rebuild the security descriptor:

$path = "C:\path\to\file"
$acl = Get-Acl $path
$newOwner = [System.Security.Principal.NTAccount]"Administrators"
$acl.SetOwner($newOwner)
Set-Acl -Path $path -AclObject $acl
$acl.SetAccessRuleProtection($false, $false)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Everyone","FullControl","Allow")
$acl.AddAccessRule($rule)
Set-Acl -Path $path -AclObject $acl
Remove-Item -Force $path

To avoid this headache in the future:

  • Always download zips from trusted sources
  • Consider using 7-Zip instead of Windows built-in extraction
  • For sensitive systems, implement a group policy to automatically reset permissions on downloaded files

Recently, I encountered a frustrating issue where a user with local admin rights on Windows 7 64-bit couldn't access a file extracted from a ZIP archive. The system showed "Unable to display current owner" when attempting to check permissions, and all operations (delete, execute, modify) failed with "Access is Denied".

This typically occurs when:

  • The file's security descriptor becomes corrupted
  • Ownership information gets lost during extraction
  • There's a mismatch between the file's ACL and the system's security database

First, try taking ownership via command prompt (run as Administrator):

takeown /f "C:\path\to\file" /d y
icacls "C:\path\to\file" /grant administrators:F

If that fails, we need to go deeper with PowerShell:

$path = "C:\path\to\file"
$acl = Get-Acl $path
$admin = [System.Security.Principal.NTAccount]"Administrators"
$acl.SetOwner($admin)
Set-Acl -Path $path -AclObject $acl
Remove-Item -Force $path

When standard methods fail, we can modify the registry to force ownership:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\Take Ownership\command]
@="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F"

For stubborn files, schedule a boot-time operation:

schtasks /create /tn "DeleteFile" /tr "cmd /c del /f /q \"C:\path\to\file\"" /sc onstart /ru SYSTEM

To avoid this issue in the future:

  • Always extract files to temporary directories first
  • Use 7-Zip instead of built-in Windows compression
  • Regularly check disk integrity with chkdsk /f