Copy from ntfs file server to freenas zfs, maintain permissions and owner.

[kyleman7]

I'm working on migrating my fileserver from a windows 2008 w/ raid 5 system to a freenNAS/ZFS system.

I have enabled active directory integration on the freeNAS box and synced the users and groups. I have also set the type of acl on the zfs volume to 'windows'

I'm having issues when using robocopy to copy from windows to freenas, it won't maintain the permissions set from by windows. when using the command "robocopy source destination /COPYALL /E /R:0 /DCOPY:T /B" I get an error "saying ERROR 87 (0x00000057) Copying NTFS Security to Destination Directory"

any help would be greatly appreciated greatly

 

[cyberjock]

I assume you are using CIFS, the latest version of FreeNAS(9.1) and have enabled the Windows file permissions option in Samba?

 

[survive]

Hi kyleman7,

Give this a look:

http://support.microsoft.com/kb/2459083

-Will

 

[kyleman7]

I am using CIFS, I setup the system running freeNAS 8.3.1, but its not in production yet, so I can upgrade if needed, and I'm not sure what setting you are referring to with "Windows file permissions option in Samba?"

 

[cyberjock]

Kyleman7 meet Mr. Manual, Mr. Manual.. this is Kyleman7

 

[paleoN]

This may be an ACL issue with not copying all the Security Descriptors. I vaguely recall something similar to which someone posted a solution to on the forum or on support.freenas.org.

 

[cyberjock]

This may be an ACL issue with not copying all the Security Descriptors. I vaguely recall something similar to which someone posted a solution to on the forum or on support.freenas.org.

You know, this does ring a bell.. lemme see if I can find it!

 

[paleoN]

You know, this does ring a bell.. lemme see if I can find it!

Bah, you're slacking off even if I'm the one who mentioned it. This is what I was thinking of, maglaubig's post.

 

[cyberjock]

I swear I posted that like 5 minutes after I made the last post.. that's the 3rd in the last day where i swore I posted stuff but it didn't go through..weird!

 

[kyleman7]

I think I have found what my be part of my problem.

When trying to set permissisons by hand for a folder on the freenas box, using windows, i can't add the user group Administrators. So say, my folder on the windows server has permissions for SULTAN\Administrators, I can't find that when setting permissions on freenas. I do see a FREENAS\Administrators group, but is not the same.

Is there a hidden group called Administrators built in to freenas that is blocking the Administrators group built into active directory?

 

[kyleman7]

I've attached an image that will hopefully explain my last post

 

[kyleman7]

Ok, so. I think I've figured out the root issue of this. I just don't know how to fix it now. It appears that the freenas box is not syncing the Domain Local Security Groups out of my active directory domain. So now whenever I try to use robocopy with the /COPYALL option it will fail if the permissions on the files include anything from the Domain Local Security Groups, which includes the Administrators group. I have my active directory setup correctly in freenas (or so it seems) I can see all of the other users and groups except those which are Domain Local, including all of the groups in the Built In ou which are automatically created when running dcpromo.

So now the solution would seem to be to get freenas to see these groups, I would assume that it should see them when it is joined to the domain as all of my computer that have been joined can see these groups.

Any help would be great.

 

[Carol Poulin]

Helo. did you solve your problem? I have the same problem as difference that owner is not Administrator group. It is admin user.