Link to home
Start Free TrialLog in
Avatar of Alex
AlexFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Read-only flag on robocopy

Morning all,

So a really odd issue has happened, I've migrated a file server using robocopy which was fine. The users could access the files but not modify them. So I checked the security which is also fine, but what I found is the folder has a "Read-only" flag set.

I checked the source and it was set there on a 2003 server, does this change on a 2012 box?

Avatar of McKnife
Flag of Germany image

Avatar of Alex


Right, so on 2003 that's by design, I assume it screws up on 2012 when you robocopy to it.
This is still by design on modern OS'.
What "screws up"? I don't understand.
If users cannot write, the question is: did you verify permissions?
Avatar of Alex



I checked permissions, they have modify rights on the folder, I used the following robocopy command

“robocopy  \\Server1\s$ \\server2\S$ /E /ZB /DCOPY:T /COPYALL /R:0 /W:0 /V /TEE /LOG:RobocopyS.log”

so when the user tries to modify a file, they get access denied, so the NTFS level is fine but it still doesn't work.
Avatar of oBdA

Check the share permissions through which the users access the files. Default is "Read" for the group Everyone  ...
Avatar of Alex


I used authenticated users and Read instead of everyone.

Should achieve the same goal right?
You should give authenticated users Full Control in the share permission.
Avatar of Alex


..... really? So everyone only needs read, authenticated users are full control?
You should always define the share permissions to Full Control for Everyone.  (unless if you want to restrict your share to read only)
Then you set your NTFS permissions (ACL) on your directories and files.
Avatar of oBdA

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Never full control on the share permissions!

If you set share perms to full control, then no matter how the NTFS permissions are, the owner of a folder (=the user himself) will ALWAYS be able to change permissions on his folders which is (usually) not what admins want.