The question appears often enough, how do I transfer my data from my old server to the new server while preserving file shares, share permissions, and NTFS permisions. Here are my tips for handling such a transfer.
There are many potentially different circumstances involved with a file server migration. Are you preserving your domain? How was the old server setup? Was it a VM? A VM on a different platform than the one you are moving to? And, no doubt, countless more variables. This article is intended for the generally healthy file server and domain being moved to a new file server. If your existing system is a mess, you may just want to start over and this article won't really be appropriate.
Method 1: Backup and Restore.
A disaster recovery best practice (and in some cases, a compliance requirement) is to test your backups. Migrating between file servers can be a fantastic opportunity to do so.
Using this method, you can take your most recent full backup and restore it to the new server. You're not doing a full server restore, but a full data restore. A well designed file server has the file share data and the operating system living on separate volumes (drive letters). By restoring the data volumes to the new server, you are confirming your backups worked and any good backup software should handle the NTFS permissions as well.
Further, if you use full and differential or full and incremental backup models, you can perform your Full restore and then the subsequent differential or incremental backups, which are typically much smaller, can be restored far more quickly meaning there is a minimal time window where the server would have to be (should be) off-line from user access.
This method can generally be fast, but speed will depend on the file sizes you are both backing up and restoring. As a general rule, small file sizes, even on the fastest storage subsystem, can take considerably longer to copy and even restore than large files.
Tests backups. Can be pre-staged allowing minimal time to finalize.
Potentially slow depending on file sizes to be backed up and restored.
Method 2: Disk2VHD.
If you're virtualizing (and you should be unless you have a darn good reason not to), and your existing file server is not currently virtual, you can create a virtual copy of the data drive using the free Disk2VHD1
tool from Microsoft. This tool generally works fast and reliably to create a dynamically expanding VHD or VHDX that is compatible with Microsoft's Hyper-V Virtualization platform.
The tool does not directly copy files but rather reads the disk and recreates it in a single large file form. As a result, it often can run as fast as the disk subsystem allows and file sizes stored (large or small) will not matter. Additionally, it retains all NTFS permissions you may have assigned to the drive.
Fast, Creates a Fully Compatible Hyper-V virtual hard drive. Can make copying to and from intermediate media much faster.
Requires your destination VM to be a virtual machine on a supported platform. Does not facilitate testing your backup strategy.
Method 3: Copy Utilities.
There are many utilities that can be used to copy files and preserve permissions. Two of the more common tools from Microsoft would be XCOPY and ROBOCOPY.
Using XCOPY, the command I would use would be:
The command parameters are:
XCOPY "\\sourceServer\ShareName\*.*" "\\destServer\ShareName\" /E /C /H /X /K /I /V /Y >Copy.log 2>CopyErr.Log
- /E - Copies directories and subdirectories, including empty ones.
- /C - Continues copying even if errors occur.
- /H - Copies hidden and system files also.
- /X - Copies file audit settings (implies /O).
- /K - Copies attributes. Normal Xcopy will reset read-only attributes.
- /I - If destination does not exist and copying more than one file, assumes that destination must be a directory.
- /V - Verifies the size of each new file.
- /Y - Suppresses prompting to confirm you want to overwrite an existing destination file.
At the end, I redirect output to a file called "Copy.log" and also create a separate error log file called "CopyErr.log"
Using Robocopy the command would look like this:
The command parameters are:
ROBOCOPY "\\sourceserver\ShareName" "\\destServer\ShareName" /E /COPYALL /R:0 /LOG:Copy.log /V /NP
- /E - Copy subdirectories, including Empty ones.
- /COPYALL - COPY ALL file info
- /R:0 - Number of Retries on failed copies: default 1 million. (this sets to 0 and disables retries as they almost never produce success and just delay the copy).
- /LOG - Output status to LOG file (overwrite existing log).
- /V - Produce output in verbose (detailed) mode.
- /NP - No Progress - don't display percentage copied.
Note: Robocopy has many options and it's possible to accomplish the same result with a different but similar switch set.
You can get more information on the ROBOCOPY and XCOPY commands by opening a command prompt and typeing ROBOCOPY /? or XCOPY /?. Or visit the SS64.com entries for Robocopy
Once started, there's no pausing. Potentially slow. If the copy stops, it should be restarted from the beginning to ensure there are no file corruptions (on large volumes this can take a VERY long time).
Method 4: Replication/Sync.
Multiple tools from both Microsoft and third parties exist that can help you replicate data between two or more servers. Doing so can help ensure that data is available even in a disaster or at "full speed" to branch offices.
Distributed File System Replication (DFSR) is Microsoft's method for synchronizing the contents of two file shares. In conjunction with the Distributed File System Name Space, DFSR can make multiple servers share files to your users by having the user acces the file share via \\domain\share instead of \\server\share. DFSR and the DFS Name Space consolidates multiples servers behind one share that points to multiple servers. Especially in multi-site environments, this allows users at each site to "favor" access on their local server but fall back to other servers that may not be local in the event the local server (or their preferred server) is unavailable.
Using DFSR, it becomes easy to simply add another file server, allow it time to replicate the data from the other servers, and then remove an older server with little to no user notice. Users won't easily know which server they are connected to at any given moment.
DFSR works at the block level, meaning that if you have a 4 MB file and only change a small portion of that file, only that portion needs to be replicated to all the other servers on the network, not the entire file. This can greatly reduce replication bandwidth and ensure that changes reach all servers as soon as possible.
Other third party tools can be employed as well. cwRSync
is a Windows port of a commonly used linux tool called RSync which synchronizes the contents of two folders.
Can enhance the overall reliability and accessibility of data on the network. Allows for easily adding additional file servers without reconfiguring end users or group policies.
Can take longer to setup and complete the migration process. Certain files may not replicate.
Method 5: Virtual Hard Disk Transfer
Most modern networks with file servers utilize virtualization and, hopefully, already have their file servers virtualized. If that's the case, your transfer, no matter how much data you have stored on your file server, may take seconds. Transfer the virtual hard disk from the old file server to the new file server.
My experience is with Hyper-V but a similar method should be possible with VMWare and other virtualization platforms.
- Create new virtual hard disk(s) on the new file server.
- Copy the STRUCTURE of old file server to the new file server (this is to allow you to copy the share level permissions and shares via registry (as noted below), pre-staging that part of the configuration.
XCOPY "\\sourceServer\ShareName\*.*" "\\destServer\ShareName\" /E /C /H /X /K /I /V /Y /T >Copy.log 2>CopyErr.Log
/T - Creates directory structure, but does not copy files. Refer to method 3 for other switch functions
- Shutdown the new file server and remove the temporary virtual hard disks
- Shutdown the old file server.
- Disconnect the data drive(s) from the old file server in the VM's configuration
- Reconnect the data drive(s) to the new file server in the VM's configuration
- Restart the new file server
- [optional] Rename the new file server to the old file server's name (NEVER TURN THE OLD FILE SERVER BACK ON WHILE IT'S CONNECTED TO THE NETWORK IF YOU DO THIS!)
If you're migrating to new physical hardware, you may need to replicate/migrate the old systems to the new hardware as a very first step as your hypervisor platform may require the data stores used be accessible to one system at a time.
A quick note about NTFS permissions - they are stored by globally unique IDs on the disk. Any domain-based permissions will be preserved when transferring disks (physical or virtual) between domain joined systems.
Transfer, regardless of data size is very fast, usually done in under 5 minutes.
Still requires a brief amount of downtime. Requires you to be moving VMs on the same basic hypervisor platform.
Method 6: Storage Migration Service (Windows Server 2019 & Windows Server 2022)
I have not personally used this feature and it was introduced after this article was first written, but it would be inappropriate not to mention it as an option. For more information, see the Overview of the Storage Migration Service at Microsoft's website - https://docs.microsoft.com/en-us/windows-server/storage/storage-migration-service/overview
(NOTE: This feature of Windows server is intended to copy share level information as well making the Share Permissions part below unnecessary).
No need to separately copy share data, minimal to zero down time.
Requires Windows Server 2019 or Windows Server 2022.
In most cases, I don't bother with share permissions. And since most servers only have a handful of shares, I often just recreate them as the time required to "migrate" them would be excessive by comparison. However, there can be cases (especially in environments concerned with compliance), where you may have extensive share permissions defined. The good news is that since Windows 2000 (and probably earlier) little has changed in how this information is stored which means how you can transfer it hasn't changed much either.
Shares are stored in the registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Shares. By exporting this key, you can get all the shares, drive paths, and permissions used by your shares.
HOWEVER, it's important to understand that when importing these shares to the new server, if the drive letters don't match, the shares won't transfer. For example, if your old server had a C: drive (with the OS), a D: drive which was your CD/DVD drive, and an E: drive which was your data drive, and you imported those share settings to a server with only a C: and a D: drive (where the data was on D: and there was no CD/DVD), then your shares would NOT transfer.
To ensure they do, make sure you assign the same drive letters on the new server as the old. Further, I would recommend editing the exported .reg file and removing the shares that don't apply or may already be shared on the new server - for example, the admin$ share and the c$. (Newer versions of Windows may not include these in the exported file / may not have them present in the lanmanserver registry location).
Which method you choose depends on what you are most comfortable doing, the time you have to complete the task, and the skill (and comfort level) you have with the technologies involved. If you believe one method is superior to another for your organization but lack the skills to implement it yourself, I strongly encourage setting up a lab system with virtual machines and playing with the technologies, simulating the process to see how it works and get comfortable. If you lack time and/or interest in doing that, I more strongly encourage you to hire a professional to handle the migration for you or work with you to complete it.
1. Disk2VHD creates Hyper-V compatible VHD and VHDX files. If you are using a different virtualization platform, you may need to use another tool or another method of transfer.