Avatar of Alex
Alex
Flag for United Kingdom of Great Britain and Northern Ireland asked on

Read-only flag on robocopy

Morning all,

So a really odd issue has happened, I've migrated a file server using robocopy which was fine. The users could access the files but not modify them. So I checked the security which is also fine, but what I found is the folder has a "Read-only" flag set.

I checked the source and it was set there on a 2003 server, does this change on a 2012 box?

Thanks
Alex
Windows OSSecurity* Robocopy

Avatar of undefined
Last Comment
McKnife

8/22/2022 - Mon
McKnife

Alex

ASKER
Right, so on 2003 that's by design, I assume it screws up on 2012 when you robocopy to it.
McKnife

This is still by design on modern OS'.
What "screws up"? I don't understand.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
McKnife

If users cannot write, the question is: did you verify permissions?
Alex

ASKER
Yep,

I checked permissions, they have modify rights on the folder, I used the following robocopy command

“robocopy  \\Server1\s$ \\server2\S$ /E /ZB /DCOPY:T /COPYALL /R:0 /W:0 /V /TEE /LOG:RobocopyS.log”

so when the user tries to modify a file, they get access denied, so the NTFS level is fine but it still doesn't work.
oBdA

Check the share permissions through which the users access the files. Default is "Read" for the group Everyone  ...
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Alex

ASKER
I used authenticated users and Read instead of everyone.

Should achieve the same goal right?
Olivier Marchetta

You should give authenticated users Full Control in the share permission.
Alex

ASKER
..... really? So everyone only needs read, authenticated users are full control?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Olivier Marchetta

You should always define the share permissions to Full Control for Everyone.  (unless if you want to restrict your share to read only)
Then you set your NTFS permissions (ACL) on your directories and files.
ASKER CERTIFIED SOLUTION
oBdA

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
McKnife

Never full control on the share permissions!
Everyone:modify.

If you set share perms to full control, then no matter how the NTFS permissions are, the owner of a folder (=the user himself) will ALWAYS be able to change permissions on his folders which is (usually) not what admins want.