Copying folders/permissions from Win2k3 to Win2k8 R2

permissions, windows-server-2003, windows-server-2008

I am copying files and folders from a file share on Windows 2003 32-bit to a new file share on Windows 2008 R2 64-bit. I have been testing Robocopy on some folders and am only able to successfully copy the unique security settings, like specific users that only can access that folder, but not all (i.e. SYSTEM, USERS).

My question is if there is a utility or way to copy the exact setup as is, including all permissions as they exist on the old server. I am able to create the permissions (SYSTEM, server administrators, etc.) on the new share from the parent, but that then gives permissions on folders I want restricted.

I hope this makes sense.

Best Answer

The default for robocopy is DAT. This means it copies the data (file content itself), the attributes (Hidden, System, Read-only, etc.), and the timestamps. If you hand it DATSOU, that also includes security ACLs, auditing info, and ownership. This is directly from the documentation, copied over at the wonderful ss64:

 /COPY:copyflag[s] : What to COPY (default is /COPY:DAT)
                      (copyflags : D=Data, A=Attributes, T=Timestamps
                       S=Security=NTFS ACLs, O=Owner info, U=aUditing info).
              /SEC : Copy files with SECurity (equivalent to /COPY:DATS).
          /DCOPY:T : Copy Directory Timestamps. ##
          /COPYALL : Copy ALL file info (equivalent to /COPY:DATSOU).
           /NOCOPY : Copy NO file info (useful with /PURGE).

So why is DATSOU not working for you? That might help us figure out exactly what you are looking for. As you mention, there are some limitations. We ran into a similar wall with directories that did not have inherited permissions, which is the issue you described. You could build your own duct tape solution by parsing out info from SetACL, which is the most ridiculously powerful and dangerous Windows util I have seen. That is a pain in the ass though.

Solution two, pull what is probably an insanely large wim and just apply the thing to a fresh drive with imagex. There is no rule it has to be a Windows system partition; it can be any arbitrary group of files. I have not tried this, so I am sure others can shoot down this idea from experience.

Solution three, consider DFS replication. If you can keep the old share up, you can use DFS replication to just redirect requests for files on one share UNC path to go to another. I did that successfully recently and it saved me a BUNCH of trouble. I do not know your use case though.
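
An added example, not part of the original answer: run robocopy with `/COPYALL`, then compare the owner and DACL of every folder on both sides so that any folder whose permissions did not carry over exactly is listed. The paths are placeholders, and the script assumes Windows PowerShell 2.0 or later in an elevated session, with permissions granted to domain or well-known accounts so SIDs match on both servers.

```powershell
# Added example. $Source and $Destination are placeholder paths.
param(
    [string]$Source      = '\\OLDSERVER\Share',
    [string]$Destination = 'D:\Shares\Share'
)

# /COPYALL is /COPY:DATSOU: data, attributes, timestamps, ACLs, owner, auditing.
# /E takes empty subfolders too; /R:1 /W:1 keep retries short on locked files.
robocopy $Source $Destination /E /COPYALL /DCOPY:T /R:1 /W:1 /LOG:robocopy-acl.log

# Compare owner + DACL of each folder in SDDL form, source against destination.
$sections = [System.Security.AccessControl.AccessControlSections]'Owner, Access'
$srcRoot  = (Get-Item $Source).FullName.TrimEnd('\')
$dstRoot  = $Destination.TrimEnd('\')

# PSIsContainer filter instead of -Directory so this also runs on PowerShell 2.0.
$folders = @(Get-Item $Source) +
           @(Get-ChildItem $Source -Recurse | Where-Object { $_.PSIsContainer })

$report = @(foreach ($dir in $folders) {
    $target = $dstRoot + $dir.FullName.Substring($srcRoot.Length)
    $src    = [System.IO.Directory]::GetAccessControl($dir.FullName, $sections)
    if (-not [System.IO.Directory]::Exists($target)) {
        $status = 'MissingOnDestination'
    } else {
        $dst = [System.IO.Directory]::GetAccessControl($target, $sections)
        if ($src.GetSecurityDescriptorSddlForm($sections) -ceq
            $dst.GetSecurityDescriptorSddlForm($sections)) { continue }
        $status = 'AclOrOwnerDiffers'
    }
    # InheritanceDisabled marks folders with protected (non-inherited) ACLs,
    # the case the answer describes as the problem area.
    New-Object PSObject -Property @{
        Folder              = $dir.FullName
        Status              = $status
        InheritanceDisabled = $src.AreAccessRulesProtected
    }
})

$report | Select-Object Status, InheritanceDisabled, Folder | Format-Table -AutoSize
'{0} of {1} folders differ' -f $report.Count, $folders.Count
```

The SDDL comparison includes inherited entries, so a folder is also reported when the destination's parent grants something the source's parent did not, which is how unwanted access on restricted folders shows up.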