Re: is there any way we can prevent use to move the shared folders

FelixZhou · ‎2026-03-02

time by time, we have been asked to relocate the CIFS shared folder from one location to another. it is time costing to move some big folders even in same share. is there any easy way to prevent it or get an alert when user is doing it?

we try to set some permissions on different folders but it is hard since we have so many different groups of users access different folders.

thank you,

Sanaman · ‎2026-03-02

You can't control or monitor what is taking place inside the CIFS shares, at storage level. You will need to work with client server team (WinTel/Linux).

Tas · ‎2026-03-03

Felix, if you mean moving a directory within the same share, on the same qtree or volume (not flexgroup), you can do that with the Windows "move" or Linux/Unix "mv" commands. All they do is move the hard link of the parent folder to the location you specify. All flags and permissions are maintained.

If you mean move it to a different share on a separate qtree or volume, or flexgroup, your best bet is to use NetApp xcp, available in the downloads section. You will need to read the docs, setup a VM to run it; use the sync command with an index so you can update it after the initial copy because it will take time to move. The way I do it, is set the initial sync with a new-index, and when done, I ask user to refrain from using the source; I then update using the same index id, and then remove access to the source. At that time users can access the destination and continue their work.

Hope this helps

FelixZhou · ‎2026-03-11

thank you for all the details. Good to know. Normally we use the "robcopy" to move the data.

but the confusing part to me, is to set up the permission "not to move" or get alert before to move.

otherwise we will keep get this type of tickets for the folders relocations daily.

Tas · ‎2026-03-11

I'm not sure what you are trying to prevent; If your users have create/write access to another folder, there is nothing you can do to stop them. Since you are using 'robocopy' I presume you are writing to CIFS shares. You can place share or access level security on directories, but that solution may be worse.
If you are getting tickets to move the data, what is stopping you from saying 'NO'?
I think you may be:

trying to prevent users from moving data themselves? If that is the case, you can:
deny - delete files, folders and sub-folders on the source
deny - create files or folders at destinations you don't want them to move to
Or you you may be saying that users are copying data but not using the /COPYALL option which will copy all metadata including acls; if that is the case, you can rename robocopy, and create a robocopy.cmd file which enforces /Copyall. Check "robocopy /???" for more help, or check out https://adamtheautomator.com/robocopy. Good luck.