Windows Server 2012 R2 robocopy not copying inherited directory permission from source file server to destination ?

Similar Messages

• Robocopy on Windows Server 2008 SP2 does not copy folder permissions

  When using Robocopy to copy folders and files from one local hard disk to another, using /COPYALL /E /TEE options, the target folder does not contain the source folder's ACL. I've tried other options such as: /COPY:DATSOU or /SECFIX, it made no difference.
  Test scenario: Create a folder on C:, Test1. Add to Test1's permissions a local group with Read, e.g. Backup Operators. The ACL list should have permissions inherited from C:\ plus Backup Operators that's not inherited. Use Robocopy to copy Test1 to C:\Test2, check the ACL on Test2. Backup Operators is missing.
  It looks like Robocopy cannot override the target folder's permissions inheritance, the folder  retains the parent folder's ACL.
  I've also disabled User Access Control in troubleshooting this problem.
  To add to this issue, there's a workaround can be used to ensure the target folder's ACL is the same as the source folder's ACL. It's a two step process.
  1) Use XCOPY source_folder target_folder /I /E /X /T  -  This lays down the directory structure including the ACLs
  2) Use ROBOCOPY source_folder target_folder /COPYALL /SECFIX /E  - This will copy over the directories and files, enforcing the files to receive the parent folder's ACL. The target_folder's ACL remain intact, unaltered from XCOPY command.
  The end result: the target_folder ACL is identical to the source_folder ACL, the files copied to the target_folder will inherit ACL from their parent folder. Both source and target folders and files ACLs are identical.
  ROBOCOPY should do both steps, but doesn't. I've tested this scenario on bare-bones Windows Server 2008, physical and virtual machines.
  Darryl Miller

  To Wendy23,
  Just for clarity, the Windows Server 2008 OS that I ran ROBOCOPY and XCOPY on was the non-R2 version. Microsoft might have fixed this issue in R2.
  You'll probably need to logon as local Administrator or use an account belonging to the local Administrators group.
  Also, open the Command Prompt using "Run as Administrator" (right-click on Command Prompt), then run the XCOPY and ROBOCOPY commands from within this prompt.
  To answer G.Write, the storage is local hard disks.
  Thanks, was a long time ago, I was having a problem with robocopy not copying permissions on a SAN, and was wondering if the SAN was the problem, but your method worked fine for me, thanks.

• I switched my windows main computer and do not have how to backup or add files to my current iPod nano on my new computer - what to do?

  I switched my windows main computer and do not have how to backup or add files to my current iPod nano on my new computer - what to do?

  When connecting ipad to itunes, in the Summary tab (in itunes for your device), look in the Backups section and choose to back up to itunes.
  Read this...  import photos to your computer...
  http://support.apple.com/kb/HT4083

• Sales order should not copy the net value from contract

  Hi,
  When we are creating the sales order,Where we can maintain that sales order should not copy the net value from contract.
  Regards
  Prabudh

  Hi,
  When I am creating the sales order with reference to contract,it's copying the net value and quantity from the contract.
  But I want  that sales order should not copy the net value and quantity from the contract and user can take new required quantity at the time creating the sales order.
  Regards
  Prabudh

• When I downloaded Firefox, it did not copy my Favorites List from Internet Explorer

  When I downloaded Firefox, it did not copy my Favorites Bar from Internet Explorer. If it did, I don't know where to find it on Firefox. Can you help?

  Look for a folder named '''from Internet Explorer''' in your bookmarks.

• Browsing and opening files from a file server

  Hello!
  I am interested if it is possible with AIR to browse files from a file server that is connected to a local network and open them. F.e. I want to create an application that opens template files with their native programs and save them on the file server under different name.
  Thank you in advance
  Lynda

  AIR 2 (now at labs.adobe.com) has features you are looking for. An AIR 2 application can open a file in the default system application registered for the file type. (The file server must be a mounted volume on the computer.)
  An extended desktop application (an AIR 2 application that is installed with a native installer) can communicate with another application. So, if the AIR (extended desktop) application knows the path to the native application, it can open that application and communicate with it. If the native application has APIs for opening and saving files, the AIR application can communicate with it using those APIs. (So, this functionality depends on the capabilities of the native application.)

• "Could not get the audio data from the file" error

  Hi
  I get a lot of "Could not get the audio data from the file" errors when opening a project. Sometimes they crash Premiere Pro CC 7.01 (Mac). But if not Premiere works as usual, with the audio.
  I tried to convert the audio files (coming from Audition) from 32 to 16 bit. It worked while opening a project once, but not the following times.
  Where can it come from ?
  Edit: I also get this error when importing audio: "Error: Premiere Pro version 7.0 is not compatible with the Premiere Pro Plug-in version 5.7.4". Maybe it is connected.

  Got it! It was the Smartsound plugin making trouble. Got rid of it and no more errors.

• PIX515 version 7.0 and router 2811 ver 12.3r8 not able to receive emails from gmail files larger than 2M

  PIX515 version 7.0 and router 2811 ver 12.3r8 not able to receive emails from gmail files larger than 2M

  MatejLach wrote:
  clamd is running, user and group clamav all have the relevant permissions as far as I can tell, however upon scanning my mail, I always end up with the following error:
  Scanning error:
  /home/username/.claws-mail/mimetmp/0000000e.mimetmp: lstat() failed: Permission denied. ERROR
  Seems like a permissions error to me... maybe check the actual file it is attempting to scan... I know it is in your home folder, but just to be sure, you might want to check that everything is sane.

• Windows Server 2012 R2 will not install when Server 2012 non-R2 installs fine.

  Our company has several Windows Server 2012 servers that installed and work without issues. However, we purchased several Server 2012 R2 licenses to install on the exact same hardware, and at the very beginning of the install process it does not recognize
  any of the hard drives, and cannot continue with the install. I have put the drivers that the non-R2 servers use on a flash drive, and tried to use those drivers during the R2 installs, but none work. This is extremely frustrating, and I want to know what
  my options are? Is it a signed driver issue? Can I disable signed driver checks before installing R2? Thanks for any help.
  P.S. I will even consider downgrading the Server 2012 R2 licenses to standard 2012 if that is even possible? I don't think I can get a refund on the media.

  Contact your server vendor to see if they support 2012 R2 on the platform you are working with.  They are the ones who determine what firmware/drivers get released for what versions of the operating system.
  "R2 2012 and using them for R2 does not work as it just rejects them or says no new device drivers were found."
  Are you trying to load them during the installation process when it gives you the option to load drivers?  I've never seen a 'no new device drivers were found' message at that point because you are specifically telling it which driver to use.
  Yes, the license for a retail copy of the operating system contains downgrade rights.  However, activation keys are different.  You may have to contact Microsoft or the vendor from whom you purchased your copy to obtain a 2012 activation key.
  . : | : . : | : . tim

• Why does my Cisco router firewall block Windows Server 2012 traffic, but not Windows Server 2008 traffic?

  Hello,
     I run a small business network with five physical servers: three Dell servers running Windows Server 2008 R2, one custom build running 2008, and another custom build running 2012 with Domain Controller Role (same hardware for both custom builds). 
  The Dell servers are all running the Hyper-V role and each has a number of 2008 VMs.  I also have a 2012 VM with the Domain Controller Role on one of the Hyper-V servers and another VM with a completely base install of 2012.
     All servers are plugged into a Cisco SG300-52 switch which is uplinked to a Cisco 881 router which is connected to a cable TWC provided Ubee cable modem.  I have no VLANs setup.  I do have the Firewall on the router configured
  to inspect most traffic.
     Here is my problem:  I cannot connect to most of the internet on ANY 2012 server (and all exhibit the exact same behavior), but I have NO problems connecting to the internet from 2008 servers.  Here is what I already know:
     1.) I can ping the outside world just fine so ICMP is passing to any external host.
     2.) Two of the 2012 servers are DCs running DNS services and they can connect to the internet just fine for DNS requests because they are doing a perfectly good job of providing DNS services to my network.
     3.) Here's where it gets really weird: I can browse in internet explorer to Bing.com and it works.  I can also go to a couple other Microsoft websites (though they are very slow).  If I click on any link in Bing, however, it doesn't
  work and gives me a page not available error.  If I connect to a non-MS website like Google or my company website, I get page not available.
      4.) I have tried to telnet to port 80 at Bing and it works.  I have tried to telnet to port 80 at google.com and it won't connect.  The 2008 servers have no issue telneting to either bing or google on port 80 and none of my client
  PCs on the network do either.
      5.) Windows Update will not connect and neither will any other update service such as AVG (I have AVG Antivirus installed WITHOUT firewall on two of the three servers. The base 2012 VM has no software installed and no roles...I built it
  just to see if it could connect after a fresh install and it still cannot.)
      6.) The network connection does not indicate limited connectivity (probably because ICMP appears to be passing successfully)
       7.) If I connect the server directly to the modem it has full internet access.
       8.) All internal LAN connectivity is perfectly fine and runs at full speed.
       9.) I have scoured the internet trying to find other examples of this particular kind of connectivity issue on 2012 and I have found two TechNet articles that are similar, but they both had the same resolution: changing the router
  worked, but no one knows why. (I would have included the links, but apparently I cannot do that yet)
  My question is this: What is different about Windows Server 2012 networking that would render it unable to communicate through a router that Windows Server 2008 has no problems with?  I ask because, unlike in these two articles where they were
  running personal networking equipment they could easily upgrade, I'm running a Cisco 881 with what should be virtually limitless configuration options and I have no desire to replace it.  I have to assume the issue is somehow related to the firewall configuration,
  which I could fix easily, but I don't know what to change.  If anyone knows what changed in 2012 and why I would be able to browse to bing and other MS sites but no where else, please pass them along.  Thanks.

  This is the IP Config for the 2012 DC:
  Windows IP Configuration
     Host Name . . . . . . . . . . . . : COMPANYDC02
     Primary Dns Suffix  . . . . . . . : company.local
     Node Type . . . . . . . . . . . . : Hybrid
     IP Routing Enabled. . . . . . . . : No
     WINS Proxy Enabled. . . . . . . . : No
     DNS Suffix Search List. . . . . . : company.local
  Ethernet adapter Ethernet:
     Connection-specific DNS Suffix  . :
     Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
     Physical Address. . . . . . . . . : 00-25-90-DC-EF-D5
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes
     Link-local IPv6 Address . . . . . : fe80::81d5:53cf:bd07:14ed%12(Preferred)
     IPv4 Address. . . . . . . . . . . : 10.10.10.202(Preferred)
     Subnet Mask . . . . . . . . . . . : 255.255.255.0
     Default Gateway . . . . . . . . . : 10.10.10.1
     DHCPv6 IAID . . . . . . . . . . . : 301999504
     DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-96-D5-C3-00-25-90-DC-EF-D5
     DNS Servers . . . . . . . . . . . : 10.10.10.202
                                         10.10.10.221
     NetBIOS over Tcpip. . . . . . . . : Enabled
  Tunnel adapter isatap.{9929D989-8E88-4096-A1CB-61F1DB173FA3}:
     Media State . . . . . . . . . . . : Media disconnected
     Connection-specific DNS Suffix  . :
     Description . . . . . . . . . . . : Microsoft ISATAP Adapter
     Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes
  Tunnel adapter Teredo Tunneling Pseudo-Interface:
     Media State . . . . . . . . . . . : Media disconnected
     Connection-specific DNS Suffix  . :
     Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
     Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes
  This is the IP Config for the fresh install 2012 VM:
  Windows IP Configuration
     Host Name . . . . . . . . . . . . : WIN-800299O7ES6
     Primary Dns Suffix  . . . . . . . :
     Node Type . . . . . . . . . . . . : Hybrid
     IP Routing Enabled. . . . . . . . : No
     WINS Proxy Enabled. . . . . . . . : No
     DNS Suffix Search List. . . . . . : company.local
  Ethernet adapter Ethernet:
     Connection-specific DNS Suffix  . : company.local
     Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
     Physical Address. . . . . . . . . : 00-15-5D-0A-5C-02
     DHCP Enabled. . . . . . . . . . . : Yes
     Autoconfiguration Enabled . . . . : Yes
     IPv4 Address. . . . . . . . . . . : 10.10.10.49(Preferred)
     Subnet Mask . . . . . . . . . . . : 255.255.255.0
     Lease Obtained. . . . . . . . . . : Saturday, August 23, 2014 10:23:01 PM
     Lease Expires . . . . . . . . . . : Wednesday, August 27, 2014 10:23:01 PM
     Default Gateway . . . . . . . . . : 10.10.10.1
     DHCP Server . . . . . . . . . . . : 10.10.10.1
     DNS Servers . . . . . . . . . . . : 10.10.10.220
                                         10.10.10.221
     NetBIOS over Tcpip. . . . . . . . : Enabled
  Tunnel adapter isatap.company.local:
     Media State . . . . . . . . . . . : Media disconnected
     Connection-specific DNS Suffix  . : company.local
     Description . . . . . . . . . . . : Microsoft ISATAP Adapter
     Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes
  NOTE: 10.10.10.220 and 10.10.10.221 are the other domain controllers on my network.  One of them is 2012 and one of them is 2008.  They are both functioning correctly for providing DNS services.  The 2012 Virtual DC, however, still has
  the internet connectivity issue that this whole post was about in the first place.
  NOTE2: When I logged on to COMPANYDC02 this morning, it told me that I had new Windows Updates that needed to be downloaded.   Confused, I checked the most recent time WU had checked for updates at it had successfully checked for updates last night
  at 10pm.  Of course, it failed when trying to download them, but it appears that once in a while, a connection gets through successfully...

• Windows Server 2012 CA will not allow Windows XP to autoenroll

  I have a Windows Server 2012 Domain Controller with an Enterprise root CA installed.  I have created a client authentication certificate template (2003 compatible).  Domain Computers have Read, Enroll and Autoenroll permissions.  I modified
  the Domain Policy to enable Certificate autoenrollment.  I have two clients on the same subnet with the domain controller, one Windows 7 Ent SP1 and one Windows XP SP3.  The problem:  Windows 7 reboots, has client auth cert installed in computer's
  personal cert store.  The Windows XP machine cannot acquire the certificate.  Event ID 13, source is AutoEnrollment, 0x80094011,The permissions on this certification authority do not allow the current user to enroll for certificates.  Both machines
  belong to the domain.  Running gpudate /force on the XP machine generates an info event stating that the computer security policy has be applied successfully, then the autoenrollment error.  I've setup autoenrollment dozens of times without any
  problems.  The only thing different in this environment is that the CA is installed on Server 2012.  I could be something else, but the only real difference is Server 2012.  There are no errors on the server.  It is like the client just
  cannot talk to the server at all, but it's getting its policy from that server.
  Any ideas? 

  http://technet.microsoft.com/en-us/library/hh831373.aspx
  What works differently?
  Windows XP clients
  will not be compatible with this higher security setting enabled by
  default on a Windows Server 2012 CA. If necessary, you can lower the
  security setting as previously described.
  Try run this command:
  certutil -setreg CA\InterfaceFlags +IF_ENFORCEENCRYPTICERTREQUEST
  Restart the certification authority
  net stop certsvc
  net start certsvc
  INFO FROM LINK:
  What value does this change add?
  The CA
  enforces enhanced security in the requests that are sent to it. This
  higher security level requires that the packets requesting a certificate
  are encrypted, so they cannot be intercepted and read. Without this
  setting enabled, anyone with access to the network can read packets sent
  to and from the CA using a network analyzer. This means that
  information could be exposed that might be considered a privacy
  violation, such as the names of requesting users or machines, the types
  of certificates for which they are enrolling, the public keys involved,
  and so on. Within a forest or domain, leaking these data may not be a
  concern for most organizations. However, if attackers gain access to the
  network traffic, internal company structure and activity could be
  gleaned, which could be used for more targeted social engineering or
  phishing attacks.
  The commands to enable the enhanced security
  level of RPC_C_AUTHN_LEVEL_PKT on Windows Server®  2003,
  Windows Server®  2003 R2, Windows Server®  2008, or Windows
  Server 2008 R2 certification authorities are:
  certutil -setreg CA\InterfaceFlags +IF_ENFORCEENCRYPTICERTREQUEST
  Restart the certification authority
  net stop certsvc
  net start certsvc
  If
  you still have Windows XP client computers that need to request
  certificates from a CA that has the setting enabled, you have two
  options:

• Windows deployment services in windows server 2012 : operating system not found

  Hello,
  In order of learning WDS in Windows Server 2012, I created a simple test environment composed of :
  A Domain controler running WS 2K12 and hosting both DHCP and WDS services. (with the option of not listening port 67 checked while installing WDS)
  A test computer, with no operating system
  I also added a Windows Server 2012 Standard WIM file and added also (located in [DVD]\sources\install.wim), boot file image (located in [DVD]\sources\boot.wim)
  But now, when i start the client, it gives the following error:
  While i don't find any reliable solution on Internet, Im looking for your help if ever, anyone faced this problem and found a solution for it or not
  Thanks in advance!
  Lotfi BOUCHERIT

  I find it strange that client and server IP are the same. Is there any sort of DHCP relay agent running on your WDS server ?

• Windows server 2012 R2 does not recognize DVD burner as read/write device

  I've seen problem fixes for this on Windows 7 but nothing on 2012 R2.
  I changed the drive letter on the server (2012 R2 with all current updates) and now it does not recognize the working DVD burner as a read/write device.
  The device does work correctly with other Operating Systems on the same hardware.  The box is a Lenovo D30.
  Any idea as to how to go about this fix.  All Microsoft troubleshooter downloads run and say the problem was corrected but no luck in burning anything.

  Hi,
  Did you run this?
  http://support.microsoft.com/mats/cd_dvd_drive_problems
  Regards.
  Vivian Wang

• Windows Server Print Server 2012 R2 MP Not Alerting on Unhealthy Printers

  I just spun up a 2012 R2 print server, added some printers (both healthy and unhealthy), installed the SCOM 2012 R2 agent and installed the Windows Server Print Server 2012 R2 MP (all in a test environment). I wanted to demonstrate the value add of this
  MP and I made the assumption that we could alert on unhealthy printers, but I'm not seeing any alerts. I have 7 printers total; 1 is offline, 1 has low toner and 1 is out of paper.  I would think that at least one of them should generate an alert
  based on the performance monitors present and enabled in the MP.
  I checked the MP guide but can't find any answers.  Does anyone out there have any tips or suggestions for getting printer queue alerts working in the new Print Server 2012 R2 MP?
  Regards,
  TsunamiSteve

  Thank you for your quick reply.
  Yes, the printers were discovered by the management pack but all appear healthy even though a few definitely aren't per the Print Management console.  I checked the print server for events associated with unhealthy printers but either there aren't any
  or we don't have logging turned up high enough for that.  The management pack guide refers to this appendix (http://technet.microsoft.com/en-us/library/dd206713.aspx) and I've looked
  for the Run Monitoring Rule to edit the script but I think this is a reference to an earlier version of the MP and/or a 2003 print server.
  It appears all the pieces to accomplish this are present and that I'm just missing a configuration in the MP (hopefully just an override that has eluded me).  Any further insight would be greatly appreciated.
  Regards,
  TsunamiSteve

• WSUS in Windows Server 2012 R2 is not downloading update files.

  I'm not using Proxy server and this is the only WSUS server in our environment and update source is to sync from Microsoft Update site.
  Synchronization completes successfully and every update files is not downloading. When I look at the download status from the main page, it said it downloaded, but when I look at the files from updates folder, it said failed to download.
  I'm getting following error messages:
  Content file download failed.
  Reason: The server does not support the necessary HTTP protocol. Background Intelligent Transfer Service (BITS) requires that the server support the Range protocol header.
  Source File: /c/msdownload/update/software/crup/2013/12/windows8.1-kb2903939-x64_a8ae5dc28899c892b46c9aa9c8aa71e2d3961a79.cab
  Destination File: e:\wsus\WsusContent\79\A8AE5DC28899C892B46C9AA9C8AA71E2D3961A79.cab
  John

  Hi,
  This is most likely a problem with a proxy server or firewall. Since you don’t have a proxy server, then firewall could be the culprit.
  Error message when you try to download a file by using the Background Intelligent Transfer Service: "Content file download failed"
  http://support.microsoft.com/kb/922330
  Make sure your firewall support HTTP 1.1 range requests. If it still doesn’t help, try the following workaround:
  If you are unable resolve this issue from the proxy/firewall side, then try these steps as a workaround on the WSUS server,
  Set BitsDownloadPriorityForeground=1 using osql.exe on WSUS SQL instance.
  net stop WSUSservice
  CD "%ProgramFiles%\Update Services\tools\osql"
  osql.exe -S <SQL instance name> -E -b -n -Q "USE SUSDB update tbConfigurationC set BitsDownloadPriorityForeground=1"
  net start WSUSservice
  Original post in this
  blog.
  Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
  Hope this helps.