I'm trying to copy a folder from one harddrive to another using the folowing robocopy options:
robocopy "H:\Source" "T:\target" /E /COPY:DATSO /R:1 /W:1 /DCOPY:T /Z /LOG:T:\Belfirst_copy.log /NP
For files where the owner is not the Administrator, but some specific domain user, i get the following error:
ERROR 1307 (0x0000051B) Copying NTFS Security to Destination Directory T:\target\...(a lot of files/dirs) This security ID may not be assigned as the owner of this object.
I have tried all the proposed solutions i could find:
For obvious reasons copying without the /COPY:O option solves the problem. But that beats the purpose of course.
What am i missing?
Platform: Windows Server 2008 R2
(This is highly related to "Robocopy failure with Windows Server 2008 Scheduled Task", but i don't have enough reputation yet to add a comment there.)
I also had this trouble. I wrote a batch file to robocopy the current logged in user and copy all his profile folder to a network shared location. Using variables and this combination of switches every folder copied without an errors. A command has to be created for each individual folder, but it works. You may have to give the user permission to create a folder in the network share, or create it prior to first time backup.
robocopy "%HOMEPATH%\FOLDER" "\SERVER\NETWORK_SHARE\%USERNAME%\FOLDER" /s /mir /zb /b /copy:dat
Normally, you can only acquire NTFS ownership of filesystem objects for yourself. You cannot set the ownership to a third person. (This prevents users from e.g. storing compromising or incriminating data under the ownership of another, unsuspecting person.)
There is a "restore files and directories" privilege in the security policy. Microsoft states:
This security setting [...] determines which users can set valid security principals as the owner of an object.
Apparently, you need this privilege to copy ownership. Robocopy must run in a security context that allows setting ownership to arbitrary principals.
By default, local administrators have this privilege:
By default, this right is granted to the Administrators, Backup Operators, and Server Operators groups on domain controllers, and to the Administrators and Backup Operators groups on stand-alone servers.
(The "restore files and directories" privilege is part of the policy. You may need to log off and on again for it to become effective.)
User contributions licensed under CC BY-SA 3.0