TOKEN_OWNER contains the default owner security identifier (SID) that will be applied to newly created objects.
Pointer to a SID structure representing a user that will become the default owner of any objects created by a process using this access token. The SID must be one of the user or group SIDs already in the token.
Whenever the process using this access token creates a new object, the object is owned by the Owner, unless the process provides a security descriptor for the object.
The Owner must be a legally formed SID and must match one of the user or group SIDs already in the token.
If it is a group SID, the Owner must match a group SID in the token, where the attributes on the group must include SE_GROUP_OWNER and must not include SE_GROUP_USE_FOR_DENY_ONLY.