I'm trying to copy a folder from one harddrive to another using the folowing robocopy options:
robocopy "H:\Source" "T:\target" /E /COPY:DATSO /R:1 /W:1 /DCOPY:T /Z /LOG:T:\Belfirst_copy.log /NP
For files where the owner is not the Administrator, but some specific domain user, i get the following error:
ERROR 1307 (0x0000051B) Copying NTFS Security to Destination Directory T:\target\...(a lot of files/dirs)
This security ID may not be assigned as the owner of this object.
I have tried all the proposed solutions i could find:
- Give the Domain user i'm logged in with, and running the script as,
full access to the source, and target directory. - Give the Domain user
i'm logged in with, and running the script as, the "Restore files and
directories" priviledge. - Run as administrator
- Run as a bat file
- Log off and log on again and retry
- use the /B option
- Try without the /COPY:S option
For obvious reasons copying without the /COPY:O option solves the problem. But that beats the purpose of course.
What am i missing?
Platform: Windows Server 2008 R2
(This is highly related to "Robocopy failure with Windows Server 2008 Scheduled Task", but i don't have enough reputation yet to add a comment there.)
Best Answer
Normally, you can only acquire NTFS ownership of filesystem objects for yourself. You cannot set the ownership to a third person. (This prevents users from e.g. storing compromising or incriminating data under the ownership of another, unsuspecting person.)
There is a "restore files and directories" privilege in the security policy. Microsoft states:
Apparently, you need this privilege to copy ownership. Robocopy must run in a security context that allows setting ownership to arbitrary principals.
By default, local administrators have this privilege:
(The "restore files and directories" privilege is part of the policy. You may need to log off and on again for it to become effective.)