You may have noticed that since Server 2012 R2, signing in with a local admin account (that isn’t .\Administrator) doesn’t run Windows Explorer as an admin. You’ll be logged in, of course, but File Explorer won’t be running with elevated privileges, and that means that you can’t change security ACLs on files through the GUI.
As it turns out, it’s pretty easy to fix this on a session-by-session basis.
Fire up Powershell as admin (for some reason this doesn’t work in CMD and I haven’t had the brain space to figure out why) and run the following:
taskkill /f /FI "USERNAME eq $env:UserName"/im explorer.exe
That will kill the exiting explorer session for you (and it won’t restart, as it’s wont to do if you kill the process through task manager).
Then, run the following:
c:\windows\explorer.exe /nouaccheck
That’ll fire up explorer again, but this time you’ll be able to open File Explorer with your admin privileges and make changes as necessary.