I'm working with a file share on a NAS that holds Citrix profiles. Every user has full control over their own folder. I'm using robocopy to transfer files from the NAS to Server A, and then from Server A to Server B. The scripts are identical except for the source and destination paths. While the ACLs are transferred correctly from the NAS to Server A, they seem to vanish when moving from Server A to Server B.
I suspect it might have something to do with the CREATOR OWNER ACL since users get permissions from this. However, I thought this would lead to permissions not transferring from the NAS to Server A at all.
Here's what I'm using for the scripts:
First (NAS to Server A): `robocopy \powernasPowerNASFSLogix d:rootbkupprofileFSLogix2 /r:3 /E /COPY:DATSO /SEC /SECFIX /MIR /MT:16 > c:batchcopy1.txt`
Second (Server A to Server B): `RoboCopy.exe "D:rootbkupprofileFSLogix2" "\rackstationFSLogixFSLogix" /r:3 /E /COPY:DATSO /SEC /SECFIX /MIR /MT:16 > c:batchcopy2.txt`
In this [screenshot](https://imgur.com/rLPl7se), you can see that Janet has permissions on Server A but loses them on Server B. I should mention I did kill the robocopy process after it started, which might affect how ACLs are applied. Any insights on what's going wrong?
4 Answers
Your script looks good overall, but the issue might be with the CREATOR OWNER ACL. It's a special identity, which means it can't be copied directly since it doesn't act like a group. Also, robocopy applies permissions immediately as files and folders are copied, not at the end of the process, so you should see the permissions update right away.
Make sure your share permissions grant full control to your principal. If they’re only set to read/write, it won’t be able to apply security settings during the copy process.
Try using the `/b` switch to enable backup mode. This mode copies permissions exactly as they are, regardless of other settings.
Check if your logs indicate any errors regarding setting permissions. I suggest using the `/log+:"logfilename"` option instead of `>` for better logging since it can provide more insights into what's going wrong during the copy.
Good idea! I’ll switch to that. There haven't been any errors in the logs so far. I'll also try adding explicit permissions on the NAS to see if CREATOR OWNER is really the issue.
That's interesting to know! I’m confused though how the permissions copied over from the NAS to Server A without issue. I’ll try testing with explicit permissions on a folder to see if that works. Thanks for the insight!