My Command:
ROBOCOPY C:\Folder \\backup\folder$ /E /MIR /copy:datso
Error:
Robocopy ERROR 1307 (0x0000051B) Copying NTFS Security to Destination Directory ...This security ID may not be assigned as the owner of this object
If I change the command to /copy:dats (without the o) it works OK, but I need the ownership!
C:\Folder has ownership of "domain\domain admins"
C:\Folder has a few user folders in it with ownerships of "domain\username"
Any ideas?
Last Comment
McKnife
8/22/2022 - Mon
oBdA
There's a difference between taking ownership (granted by the "Take ownership of files or other objects" user right or the "Take Ownership" NTFS permission) and assigning ownership.
For the latter (which is what you're trying to do), the account you're using will need the "Restore files and directories" user right on the target server. I suspect this one is missing in your case.
How Permissions Work https://technet.microsoft.com/en-us/library/cc783530(v=ws.10).aspx
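An added example, not part of the original thread or any poster's code: a PowerShell check, run on the backup server, that lists which accounts hold the "Restore files and directories" right (SeRestorePrivilege) by parsing a `secedit /export` file. The function name `Get-UserRightHolder` and the sample INF text are constructed for illustration.

```powershell
# Added example, not from the thread. Run elevated on the backup (target) server.
function Get-UserRightHolder {
    param(
        [Parameter(Mandatory)] [string]   $Right,     # e.g. SeRestorePrivilege
        [Parameter(Mandatory)] [string[]] $InfLines   # lines of a secedit export
    )
    $pattern   = '^\s*{0}\s*=\s*(.*)$' -f [regex]::Escape($Right)
    $inSection = $false
    foreach ($line in $InfLines) {
        if ($line -match '^\s*\[(.+)\]\s*$') {
            # Only entries under [Privilege Rights] are user-rights assignments.
            $inSection = ($Matches[1] -eq 'Privilege Rights')
            continue
        }
        if ($inSection -and $line -match $pattern) {
            foreach ($entry in ($Matches[1] -split ',')) {
                $entry = $entry.Trim()
                if (-not $entry) { continue }
                if (-not $entry.StartsWith('*')) { $entry; continue }  # plain account name
                $sid = $entry.TrimStart('*')                           # written as *SID
                try {
                    ([Security.Principal.SecurityIdentifier]$sid).Translate(
                        [Security.Principal.NTAccount]).Value
                } catch { $sid }   # unresolvable SID: return it unchanged
            }
        }
    }
}

# Constructed sample of an export; the SIDs are the well-known built-in
# Administrators (S-1-5-32-544) and Backup Operators (S-1-5-32-551) groups.
$sample = @'
[Unicode]
Unicode=yes
[Privilege Rights]
SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551
SeRestorePrivilege = *S-1-5-32-544,*S-1-5-32-551
'@ -split "`r?`n"

# Live use on the server instead of the sample:
#   secedit /export /cfg "$env:TEMP\rights.inf" /areas USER_RIGHTS | Out-Null
#   $lines = Get-Content "$env:TEMP\rights.inf"
Get-UserRightHolder -Right SeRestorePrivilege -InfLines $sample
# A task running as SYSTEM on a client reaches the share as that client's
# computer account, so look for that account or a group containing it
# (for example Domain Computers) in the output.
```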
Thanks for the replies. There are a few parts to the setup; maybe you can advise who needs access to what.
- At startup on the client Win10 machine, a script creates a c:\folder. Admins FC permissions.
- At user login, a subfolder named after the user is created in this with Modify permissions.
- A PowerShell script exists on netlogon that backs up c:\folder to a backup share.
- A scheduled task is created on the client machine using GPO, which runs the backup script at startup. The scheduled task runs under the SYSTEM account. This could change I guess.
There are many client machines and many users on each machine (School).
So...what to do?
Pete
ASKER
By the way as a test we have already set EVERYONE full control permissions on the destination backup share...
For the scheduled task, use an account with domain admin rights or an account having admin rights on the source and destination directories.
The System account is good for local machine operations but not good for network operations, as far as I can think.
Pete
ASKER
We need to backup ownership as the users will have quotas set on their local folders, this relies on ownership, so if we need to restore from backup we need to also restore this ownership.
One problem we've already gone through is the ONLY way we could get a scheduled task to appear on the local machine using group policy is to have it configured to run using the system account.
Thanks, we need to have this script run at startup. To prevent flooding the network with every machine starting and backing up at the same time, there's a random delay in the script, up to 10 mins. Do you have an idea to run this other than in a scheduled task? A GPO startup script will prevent the machine being used until the script has completed....
A scheduled task from GPO only works if you configure it to use the system account, we can't just use an admin account.
You had been told to assign that privilege to the group Domain Computers (wouldn't "give me the creeps") - a simple solution.
Mahesh
Running a scheduled task and creating a scheduled task are different operations.
You can specify the domain account under whose security context the scheduled task runs; however, when you use GP Preferences, the task will be created on clients through the security context of the System account, as GP Preferences by default run through the System account.
I didn't resolve it. I ended up not backing up permissions or ownership, and not using a scheduled task to run the script. The project now runs the script at startup but hidden in the background, and the restore script will sort out ownership etc. when required....not the best.
I couldn't get the startup script, even when created manually for testing, to run unless it was created to run with the SYSTEM account. Adding the Domain Computers group to the "Restore files and directories" user right on the backup server also made no difference to backing up security or ownership of the files.
McKnife
That made no difference? That would surprise me. Will try to reproduce on Monday.