Network and Storage Protocols

Robocopy kills sets unix permissions to blank ( d--------- )


Hi Everyboy

I have a problem with a migration from NAS Celerra to NAS Netapp

We have to copy all the original data ( exported via CIFS and NFS ) keeping their permissions and ownership.

The destination is a qtree with mixed security and the share was done using the -umask 022 option.

To do that, we are using robocopy with /COPYALL option that preserves all the stuff.

The destination is a qtree with mixed security and the share was done using the -umask 022 option.

if i copy one file with a drag & drop or a ms-dos copy i preserve unix permissions. But with robocopy the unix permissions shown are blank, this is

ls -ld /mn/tmp2


d--------- as the file mode, and even being root we are not able to change it.

Anyone can help me with this????

Thanks in advance an best regards, Alberto



Alberto -

I haven't ever heard a story of the 'mixed' security style working out well for users. Even if you were able to get permissions to copy over correctly to start with, over time the mixed security style turns into a hair ball as unix/windows users change the security styles of files they have access to. It's usualy best to decide that the given data is going to be unix or ntfs data, then correctly configure multi protocol for the access you need from the other side. When tring to decide what security style to use the question I ask is 'Which side needs to control write access to the data ?'.

Robocopy works great for migrating Windows file systems, but for unix file systems consider using native unix tools...

At your service,

Eugene Kashpureff


Thanks Eugene,

I think my only choice is to get rid of MIXED qtrees and thinking in mapping unix users to windows ones.

My only question left is:

Iif everybody, even support people, tells you to avoid MIXED qtrees, what is the meaning of this tricky security option??????


You're very welcome.

Yes, we all say avoid MIXED security.

I think it's a legacy of the early multi-protocol days.

Best practice - Decide the data is Unix OR Windows, then map any users you need to.

Easiest implementation is when you keep all your Unix and Windows user names the same on both sides.

(ekashp - ekashp) Data ONTAP will try this as the default mapping.

I hope this response has been helpful to you.

At your service,

Eugene Kashpureff
NetAppU Instructor and Independent Consultant
(P.S. I appreciate points for helpful or correct answers.)