Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
Solved

Using Richcopy to copy shares and permissions.

Posted on 2011-02-12
Medium Priority
7,616 Views
Hi,

Can someone outline a tried and proven method for copying shares from one server to another keeping all security permissions in tact. I really want to keep using Richcopy (robocopy GUI) but the last time i used it, it did not copy permissions right).

I am mainly concerned with moving financial folders and User's home folders which have various security restrictions applied via NTFS permissions.

I am looking for TRIED and tested methods on this one and am hoping someone who has done Home Folder / User folders moves regularly will answer this one for me... Have read too many articles which have not given simple tried and tested method.

P.
0
Question by:Itomicltd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

• Help others & share knowledge
• Earn cash & points
• 10
• 9

LVL 5

Expert Comment

ID: 34879891
I've never used the Richcopy GUI, but I've used RoboCopy plenty of times on the command line to do exactly this and it has always worked fine for me.

Use the /SEC flag to copy across the relevant NTFS ACLs with the data.

0

Author Comment

ID: 34880043
I have tried Robocopy once but started using the GUIs after for ease of use, maybe i'll give the command line another shot. So if i want to move the following share to a new server what exact command would you recommend..

Share to move \\alpha02\users

The actual folder sits on the D drive of the alpha02 server and i want to move it to the E drive of alpha03 server. I want it to be shared out the same way and i want it to retain all attributes, especially security from old share. I will then change all batch files and VBS scripts to reflect new share location.... Just need to nail the command...

Can you advise what exact command you would use for this since you do it regularly...

Thanks
0

LVL 5

Accepted Solution

LLMorrisson earned 500 total points
ID: 34880385
Well I don't do it *regularly* but I've done it this way before.

I'd probabaly go with this;

robocopy <source> <destination> /E /COPYALL /R:1 /LOG:<logfile> /V /TEE

/E = copy all foldes inc. empty ones
/COPYALL = copy all (data, security, attributes, owner info, audit info and timestamps)
/R:1 = retry each file only one (default is 1 million. If it doesn't work first time its unlikely to next times)
/LOG: = outpt log to file so you have a saved note of any failures etc
/V = make log verbose, showing skipped files etc
/TEE = output to console as well as log (so you can see its doing stuf as it runs)
0

LVL 5

Expert Comment

ID: 34880391
Oh, additionally I'd probabaly log in as a domain admin and copy it using the admin shares rather than any shares you set up. Dunno if that is important really but just my personal preference. So from alpha03 I'd run....

robocopy \\alpha02\d$\users e:\users /E /COPYALL /R:1 /LOG:e:\robocopy.log /V /TEE Make sure you set your share level permissions the same on \\alpha03\users as on \\alpha02\users too of course. 0 LVL 4 Expert Comment ID: 34880449 Robocopy will copy security and shares, once you finished copying iether restart 'server' service or restart then all the shares will also appear. 0 Author Comment ID: 34882310 Hi Gavin, Not sure what your saying there, can you elaborate ? P 0 Author Comment ID: 34882328 LL, Do i use the share name as in \\alpha02\users or do i use the share location as in \\alpha02\d:\data\users ? p 0 LVL 5 Expert Comment ID: 34882541 Personally I would use \\alpha02\d$\data\users as the source running the command from alpha03, but you probably could also just use \\alpha02\users since they point to the same place. It is just my personal preference of how I would do it.

So to put the real path you have provided into the command, run it from alpha03 and use the command like this;

robocopy \\alpha02\d\$\data\users e:\data\users /E /COPYALL /R:1 /LOG:e:\robocopy.log /V /TEE
0

Author Comment

ID: 34888807
Hi Guys,

I have moved all the shares, but  the logon script changes i have made don't appear to be taking effect. The old script appears to run even after restart? i can only deduce that its not using the bat file that i changed, can anyone suggest why this might be happening ? I have checked GP for overriding VBS scripts but there is nothing there i can see....
0

LVL 5

Expert Comment

ID: 34888889
where are the scripts being run from, and how are they picked up. Is it a group policy? Have the changes made/replicated to all DCs?
0

Author Comment

ID: 34889000
I made the script changes on the current DC , its a SBS2003 server. I found the script in the following path .. \\SERVERNAME\SYSVOL\DOMAIN\SCRIPTS\"batch file name" I have used the DC as the servername, in this case "sbs2003" . Can you advise on how to be 100% that this is the correct location, because if its not i need to know for the future.
0

LVL 5

Expert Comment

ID: 34889762
That location should be fine, although you could check the NETLOGON share too just in case. Technically I think it is the same place.

Is the script being run from a GPO or just attached to the user account object in AD. We need to figure that out to know how the script is being picked up.

If you run the script manually from that location I assume it works?

0

Author Comment

ID: 34902620
To answer all 3 questions LL........

Netlogon share is in the same place. And same batch file there, so not location issue.

Script is attached to AD account currently and i do not see any GP scripts defined at all.

When i run script manually, it will not map drives. This is the key i imagine, but as to how to ascertain how the old mappings stilll run every morning is still a mystery to me....any ideas ?
0

LVL 5

Assisted Solution

LLMorrisson earned 500 total points
ID: 34903073
Does the login script delete the existing mappings before it tries to remap them? Usually behavior is for Windows to remember the mappings between logins unless you set them to be non-persistent.

So you either need to ensure the mapping command has a /PERSISTENT:NO at the end.

Or, you need a NET USE <driveletter>: /DELETE just before the new mapping. Otherwise is the old mapping still exists on the client then the new one won't automatically overwrite it.
0

Author Comment

ID: 34905056
Figured out the scripting issue, whoever created the batch files did not leave a space between the <driveletter>: and the /delete and it did not run the delete! , amended and now it runs....thanks for pointing me in the right direction on it. I am awarding LL the points for help on point issues....cheers mate.
0

Author Comment

ID: 34936770
Hi,

After copying a 100gb folder called SHARED, i have gone through the log and see "access denied" errors (there are 8,700 files which have not been copied out of 60,000 files). The issue on them appears to be that i don't have permission to move (when i go to security tab of folders in question either there are no permissions or it says i can't view permissions)

How do i get around this. I am logged on as domain admin.
0

Author Comment

ID: 34936799
Also, is there an easy way to copy these missed files rather than run the whole copy again ?
0

LVL 5

Expert Comment

ID: 34942988
Try running again and add the /B option to use backup mode. This will try to give you permission to back up files you don't specifically have permission to access9 (using the built-in backup administrative privilege) but if this doesn't work you'll probabaly have to go and "take ownership" of the files you don't have permission to and give yourself permission. Obviously check with an appropriate person to check taking ownership of the files meets with any company policies if you have to take that route.

Just run the command again; Robocopy will automatically skip files it's already copied so long as they haven't changed since.

0

Author Comment

ID: 35107969
That last bit did it LL, thanks for your help, does backup mode make any difference to the file as if not i might use it as default from now on.
0

LVL 5

Expert Comment

ID: 35109194
AFAIK, backup mode and restartable mode cannot be used together. "Restartable" means Robocopy should write a recovery record inside an incomplete file so if the operation is interrupted or aborted, a future run of Robocopy can resume copying where the previous one left off, instead of starting over at the beginning. This is useful for reliably copying large files or many files over an unreliable network such as a VPN or the Internet.

In your case backup mode is probably more suitable.
0

Featured Post

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IT teams define success as solving problems quickly. To enable ITSM modernization we have to think of adopting the tools and methods that will enable resolution of ITSM issues more quickly.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses
Course of the Month9 days, 20 hours left to enroll