7

We are in the process of decommissioning our old file server in a much-needed upgrade. It goes without saying that this needs to be as seamless as possible, as to affect the end-users as little as possible. We're upgrading from Server 2000 to Server 2008.

I've been working with consultant on this in an effort to make this smooth, however he's a busy man and I've spotted some holes in his work. He's suggested we use Robocopy to copy all the files from the old server to the new one, then the day before we make the new server live to run the command again to copy any files that had changed since the original copy.

We've done the first copy and the first major glitch is that none of the permissions have been carried over. This isn't the end of the world and considering we're copying almost a TB of data I'm sure it would be quicker for me manually re-do the permissions as opposed to re-copying everything over with the correct switch. Rather than depend on my consultant I figured I'd try to take matters into my own hands.

Here's the command he's recommended (executed from the new file server).

Robocopy \\oldserver\Data E:\DATA /MIR /FFT /Z /XA:H /W:5

Is there an easier way to copy all of this data (while maintaining permissions) before we go live?

DKNUCKLES
  • 4,028
  • 9
  • 45
  • 60

3 Answers3

6

The version of robocopy that is included with Server 2008 does not include the security attributes when you use the /MIR option. You have one of two options:

  1. Install the version from the Server 2003 Resource Kit (http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=17657) and command you already have.

  2. Run the command you already have and immediately run the following to copy the security attributes onto the files. Robocopy \\oldserver\Data E:\DATA /COPY:S

MDMarra
  • 100,183
  • 32
  • 195
  • 326
jt.
  • 331
  • 3
  • 6
5

The parameter /sec needs to be added to your command-line. This will cause the /mir to copy security attributes. However, you really, really want to do that to a fresh target. Because of how robocopy works, it'll apply security settings to a directory and then proceed to copy in the child contents. This way those children get their inherited rights correctly.

Do /sec after already doing a copy, and you'll end up waiting for the rights-apply to percolate down the tree for each directory (or file) with explicit rights set.

I used the /mir /sec combination frequently to move some rather large directories. It works great.

sysadmin1138
  • 131,083
  • 18
  • 173
  • 296
  • Thank you for your feedback. The reason I had previously avoided using the /sec switch is because I had read that it only copied folder permissions and not file permissions : http://blogs.technet.com/b/filecab/archive/2008/07/31/robocopy-mir-switch-mirroring-file-permissions.aspx - Has this proven to be problematic for you? – DKNUCKLES Sep 20 '11 at 19:16
  • 1
    @DKNUCKLES Not in the least. We **strenuously** discouraged direct file permissions, and had done so since the NetWare days. If they got lost, they shouldn't have been doing that in the first place and maybe they should listen next time. Even so, I hadn't heard of a single problem incident of that. – sysadmin1138 Sep 20 '11 at 19:23
  • That's great! Thanks so much for your feedback Sysadmin1138 - I appreciate the expertise. – DKNUCKLES Sep 20 '11 at 19:37
1

Another alternative to robocopy could be the File Server Migration tool. I'ev used this to migrate FS data from NT4 to 2003 in the past. Not only does it migrate permissions but it will migrate your shares.

BoyMars
  • 1,012
  • 1
  • 6
  • 15