BlackWaspTM
Home
Articles
Tutorials
FAQ

This web site uses cookies. By using the site you accept the cookie policy.This message is for compliance with the UK ICO law.

Network and Internet
.NET 2.0+

Determining the Owner of a File or Folder

by , published at http://www.blackwasp.co.uk/GetFileOwner.aspx

When using the New Technology File System (NTFS), every file and folder has an owner. This is a user or a group that gains special rights over the item, such as the ability to set its permissions. The owner of a file or folder can be determined with .NET.

File Ownership

Under NTFS all files and folders have an owner, which may be a single user or a user group. If you are the owner, or your user is within the owning group, you automatically gain additional rights over the item. For example, you can change the permissions of an owned file, even if your normal user rights would not permit this. The owner of a file is usually the user that created it, though this can be modified using standard tools or by taking ownership of a file.

The image below shows the ownership for a file in Windows 2008 R2. In this case the file is owned by the "Administrators" group.

File owner in Windows 2008 R2

If you are developing software that works with files, you might need to programmatically determine the owner of a file. This can be achieved using several classes from the .NET framework. In this article we'll see how to obtain the owner's name as a string.

We'll need to use classes from several namespaces. Create a new console application project and add the following using directives to the Program class to simplify access to these namespaces.

using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

Obtaining a FileSecurity Instance

The first class we need is FileSecurity. This represents the security options for a file or folder. You can create a FileSecurity object using the File type's GetAccessControl method. This is a static method that requires a single string argument to specify the path to the item to be examined.

For example, the sample code below creates a FileSecurity object for the file, "c:\TestFile.txt":

FileSecurity fileSecurity = File.GetAccessControl(@"c:\TestFile.txt");

Obtaining an IdentityReference Instance

Once you have a FileSecurity object you can use it to create an IdentityReference. This class holds the security details for a user or group. To create it you call the FileSecurity object's GetOwner method. The method includes a parameter that accepts the type of object you wish to generate. We'll pass the SecurityIdentifier type to this parameter, as shown below:

IdentityReference identityReference = fileSecurity.GetOwner(typeof(SecurityIdentifier));

Obtaining an NTAccount Instance

The IdentityReference type includes the security identifier (SID) for the owning user or group. This can come in handy when working with the file system or when coding against Active Directory. However, it does not allow you to obtain the name of the owner in human-readable form. To get this, we need to translate the IdentityReference into an NTAccount object.

Although NTAccount is a subclass of IdentityReference, the object we've created is not an NTAccount and a simple cast is not possible. Instead, we need to use the object's Translate method to perform the conversion. This method requires that we specify the target type for the translation. We'll specify NTAccount. The return value is a new IdentityReference that holds an NTAccount object. In the sample below this is converted to an NTAccount instance using the "as" operator.

NTAccount ntAccount = identityReference.Translate(typeof(NTAccount)) as NTAccount;

With the NTAccount object present, we can finally output the name of the file's owner, as follows:

Console.WriteLine(ntAccount.Value); // BLACKWASP\Administrators

Creating a Method

We can easily combine all of the above code into a reusable member. The method below is static to allow it to be called from the Program class without first creating an object. For real projects it would more likely be included as an instance method in a utility class:

private static string GetOwnerName(string path)
{
    FileSecurity fileSecurity = File.GetAccessControl(path);
    IdentityReference identityReference = fileSecurity.GetOwner(typeof(SecurityIdentifier));
    NTAccount ntAccount = identityReference.Translate(typeof(NTAccount)) as NTAccount;
    return ntAccount.Value;
}
23 June 2013
RSS FeedTwitterGoogle+Facebook
.NET FrameworkAlgorithms and Data StructuresAudioC# ProgrammingConfigurationDebuggingDesign PatternsDocumentationGraphicsInput / OutputLINQNetwork and InternetParallel and AsynchronousPerformanceProgramming ConceptsRefactoringReference SheetsReflectionRegular ExpressionsSecuritySQL ServerSystem InformationTestingToolsVisual StudioWindows ProgrammingWindows Presentation FoundationXML
©2006-2024 BlackWasp
All Rights ReservedCookie PolicyPrivacy PolicyTerms of Use