onlinerack asked:

Compare NTFS permissions between source and destination folder

Hello experts,
I hope all is well. We have a tool in C# that copies data from one folder to another. We are looking for a way to speed up the permission comparison and apply any changes made to the NTFS security permissions.

Currently it takes 2 hours to go and compare 20k folders between source and destination (destination is on a remote machine). Do any of you have some good thoughts on how to possibly improve that?

btan:

This past EE posting is a good resource on the options. NTFS Permissions Reporter has been mentioned and has a CLI; take a look, as it mentions "caching" in execution, which may help.
https://www.experts-exchange.com/questions/28065160/how-to-compare-NTFS-permissions-between-folders-in-2-computers.html
In the past, this tool scanned the folder tree and produced a permission report which can be saved in Excel, hence having 2 reports you can do the comparison in Excel, but that doesn't seem fast and automated ... it may have changed. See "Compare Reports feature shows you the differences between permissions in 2 different reports": http://blog.cjwdev.co.uk/2013/09/23/ntfs-permissions-reporter-1-5-released/

Another one I saw among these tools is Beyond Compare. It looks like it can also automate repetitive tasks using a flexible scripting language, and any script can be called from the command line.
http://www.scootersoftware.com/features.php

From another forum, as below:
setacl.
This is a free tool you can obtain from helgeklein.com
To compare two directories I did this:
- made a list of all ACLs in both folders
- list in a text format
With setacl this is done like this:
    setacl -ot file -on folderA -actn list -lst "f:tab" > listA
    setacl -ot file -on folderB -actn list -lst "f:tab" > listB
- compare the 2 lists
I do this with diff (cygwin collection):
    diff listA listB
https://helgeklein.com/setacl/

Another thought is to run icacls after the copy to make sure the proper permissions are applied afterwards -- you add it to the end of your copy process and it will run through the destination folder(s) and assign the proper permissions. Another way of solving the issue.
Incorporating the attribute/NTFS security settings into the copy process will/could eliminate the need.


What is the environment? rsync, DFS-R, or robocopy with /L can be used to get the comparison report.

Is there a possibility to modify the tool?

onlinerack (ASKER):

Thank you all for your input, the tool is custom developed in-house using C#.

The issue we run into is that copying them at the same time could cause a problem, as the source folders may be (read only) in the source, so once we copy one to the target, the target folder would be read only as well, which would then deny us from copying files to the location.

Ideally we want to be able to have it compare the permissions fast enough instead of taking 4 hours over 500k folders.

Not sure what you are using to do the copying, but can you remove the read-only attribute when copying for the first time, then run it again a second time and add it back? Or set up a parameter so that you only copy files that meet certain parameters, and then you only have to remove and add back the read-only attribute on those files instead of all 500K folders. For instance, robocopy has the following switches to add and remove attributes:
    /A+:[RASHCNET] : Set file Attribute(s) on destination files + add.
    /A-:[RASHCNET] : UnSet file Attribute(s) on destination files - remove.

Not sure what your script does that could run into a situation where it creates a file holder, sets its attributes and then tries to copy the content. Usually the reverse is done, without the need to remove/re-add attributes.

The issue I suspect deals with folder permissions, i.e. the folder is created, its attributes copied, and then the contents are attempted to be copied.

Unfortunately, there are way too many possible ways with which this issue can arise.

It is not the read-only attribute, it is the read permission, so I end up writing all the data and then pushing down the permissions, to avoid the case where there is a permission with read access only.
Trying to see if anyone has a way to push permissions or compare permissions in C# that does not take as long. :)
Thank you guys for your help. Your comments were along the lines where I was heading, but I was not sure, so it helped determine getting to it. We ended up morphing your suggestions to fit them into our tool and it came out perfectly. Let's just say, it was 2.5 months' worth of changes. :)
Thank you once again.
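
For the C# comparison the asker describes, one approach is to read each folder's DACL as a single SDDL string and run the per-folder checks in parallel, so that round trips to the remote destination overlap. This is an added example, not code from the thread or from the asker's tool; the class name, the degree of parallelism and the two root paths taken from the command line are assumptions.

```csharp
// Added example: report folders whose DACL differs between two trees.
// Windows only. Usage (paths are placeholders): AclCompare.exe <srcRoot> <dstRoot>
using System;
using System.Collections.Concurrent;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Threading.Tasks;

static class AclCompare
{
    // DACL only (no owner, group or SACL), serialized as one SDDL string.
    static string Dacl(string dir) =>
        new DirectoryInfo(dir)
            .GetAccessControl(AccessControlSections.Access)
            .GetSecurityDescriptorSddlForm(AccessControlSections.Access);

    public static ConcurrentDictionary<string, string> Diff(string srcRoot, string dstRoot)
    {
        var result = new ConcurrentDictionary<string, string>(StringComparer.OrdinalIgnoreCase);
        // Root first, then every subfolder. Enumeration itself throws if a
        // subfolder cannot be listed; run under an account that can read the tree.
        var dirs = new[] { srcRoot }.Concat(
            Directory.EnumerateDirectories(srcRoot, "*", SearchOption.AllDirectories));

        // 16 is an assumed starting point; tune it against the remote server.
        Parallel.ForEach(dirs, new ParallelOptions { MaxDegreeOfParallelism = 16 }, src =>
        {
            string rel = src.Substring(srcRoot.Length).TrimStart('\\');
            string dst = Path.Combine(dstRoot, rel);   // rel == "" yields dstRoot
            string key = rel.Length == 0 ? "." : rel;
            try
            {
                if (!Directory.Exists(dst))
                    result[key] = "missing on destination";
                else if (!string.Equals(Dacl(src), Dacl(dst), StringComparison.Ordinal))
                    result[key] = "DACL differs";
            }
            catch (UnauthorizedAccessException) { result[key] = "access denied"; }
        });
        return result;
    }

    static void Main(string[] args)
    {
        foreach (var kv in Diff(args[0], args[1]).OrderBy(k => k.Key))
            Console.WriteLine($"{kv.Value}\t{kv.Key}");
    }
}
```

The string comparison is strict: a different ACE order, or local-account SIDs that differ between the two machines, is reported as a difference.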