Case: we have to migrate a full storage to a new machine (both bare metal), Windows Server 2008 to Windows Server 2012 and do a cross-domain migration simultaneously.
Network Device 1 mounted with old domain administrator on Y: from old machine Network Device 2 mounted with new domain administrator on Z: on new machine
We've successfully copied all data via Robocopy:
ROBOCOPY %SORC% %DEST% /MIR /DCOPY:T /B /R:1 /W:1 /NP /LOG:%LOG%
Actual: Now we have to do two more steps: migrate the old user acl to the copied files and folders. I've found get-acl and set-acl but with:
get-acl Y:\ | set-acl Z:\
it's only take action on that folder/file. For example if I run get-acl 'Y:\IT\folder' | set-acl 'Z:\IT\folder' the ACL on that single folder is copied successful.
Problem a) How can I copy the ACL of every file and folder of the whole network device (old) to the new one with all files copied on that and b) How do I deal with those files the old administrator on the old machine has no owner rights due to security setting errors in the past?
Hint: I've already tried /SEC Attribute on Robocopy and other Robocopy switches - it didn't work in our case due to we have to run the PS Script on the new domains storage with the new domain administrator - on the old storage is only powershell version 1 - because it's a server from 2008..