Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 474
  • Last Modified:

Account(s) Unknown after Robocopy

I used Robocopy with /MIR /SEC switches to copy files from a WServer 2003 to my laptop.   Then I used Robocopy again to build those files on new WS 2008 system.  Everything seemed to have gone OK.  Programs on WS 2008 are working OK (so far).  When I view security on the transferred files there are about 4 "Account Unknown" accounts that were created for every transferred share/folder/ and file.

  I would like to remove these 4 accounts, and would like expert advice on how best to do this... before I do it.

Thanks...
0
FrankBabz
Asked:
FrankBabz
  • 3
  • 2
  • 2
  • +1
3 Solutions
 
mcsweenSr. Network AdministratorCommented:
These are likely system accounts or users/groups from the computer the files came from.  If they are Unknown you can safely remove them as they serve no purpose.

They are probably inherited so you should only have to remove them from the top folder.
0
 
QlemoC++ DeveloperCommented:
Correct. Any security setting assigned to a non-domain account will get transferred correctly, and you will only see the GUID/SID. If you are interested in what they mean, you'll have to go back to the source server and look them up. PsGetSid from www.sysinternals.com can help getting a list of valid SIDs for lookup.
0
 
Lionel MMSmall Business IT ConsultantCommented:
These are files associated with your original Wserver 2003 so when it got to your laptop and then to your new server those accounts became unknown or unrecognized. if you can identify all the unknown usernames you can use ICACLS to get rid of them by running this from a command prompt
icalcs * /remove:g "Unknown User" /T
you can use icacls /? to see help for icacls but this is the one you need
/remove[:[g|d]] Sid removes all occurrences of Sid in the ACL. With
    :g, it removes all occurrences of granted rights to that Sid. With
    :d, it removes all occurrences of denied rights to that Sid.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
FrankBabzAuthor Commented:
Three great and helpful responses...  I thank you all very much.

I did suspicion that they were there for reason mcsween suggested.

I went to the root level as suggested and removed all 4, and on the surface all appears to have gone OK.
As the administrator and as it traversed the children... I am curious why I was prompted on 4 or 5 occasions that for certain children files I was advised "Access is denied."   I just agreed with each.... and proceeded to let it finish.

I will do some more testing to see if a problem arises and then complete this thread in about a week for benefit of others.
Frank
0
 
mcsweenSr. Network AdministratorCommented:
The access denied message likely means those folders don't have inheritance on them and you haven't been granted access to them.  The easiest way to fix that is to take ownership of the folder/files then set them to inherit permissions from their parent.
0
 
FrankBabzAuthor Commented:
As I recall they were files like .accde and even PDF files.  I should have kept notes.
0
 
QlemoC++ DeveloperCommented:
The files might also have been in (write-enabled, exclusive) use.
0
 
FrankBabzAuthor Commented:
You are right on the money (I think).   Took new server to office...  Admin account works fine. With user accounts (all in IIS_User) having permissions all but  "full control."   However, I am running into these write-enabled - exclusive use issues and in one program I cannot start due to "file in use" message.

Anyway...  I have a mess and sure could use help, but this thread is expanding the scope of the original question.  Your suggestions most appreciated.

Frank
0
 
Lionel MMSmall Business IT ConsultantCommented:
Well what may be best is to tel us what you want to end up with, which files and which folders you want what permissions on--hopefully you have groups assigned because that will make it much easier rather than user by user
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now