When using Robocopy to copy folders and files from one local hard disk to another, using /COPYALL /E /TEE options, the target folder does not contain the source folder's ACL. I've tried other options such as: /COPY:DATSOU or /SECFIX, it made no difference.
Test scenario: Create a folder on C:, Test1. Add to Test1's permissions a local group with Read, e.g. Backup Operators. The ACL list should have permissions inherited from C:\ plus Backup Operators that's not inherited. Use Robocopy to copy Test1 to C:\Test2, check the ACL on Test2. Backup Operators is missing.
It looks like Robocopy cannot override the target folder's permissions inheritance, the folder retains the parent folder's ACL.
I've also disabled User Access Control in troubleshooting this problem.
To add to this issue, there's a workaround can be used to ensure the target folder's ACL is the same as the source folder's ACL. It's a two step process.
1) Use XCOPY source_folder target_folder /I /E /X /T - This lays down the directory structure including the ACLs
2) Use ROBOCOPY source_folder target_folder /COPYALL /SECFIX /E - This will copy over the directories and files, enforcing the files to receive the parent folder's ACL. The target_folder's ACL remain intact, unaltered from XCOPY command.
The end result: the target_folder ACL is identical to the source_folder ACL, the files copied to the target_folder will inherit ACL from their parent folder. Both source and target folders and files ACLs are identical.
ROBOCOPY should do both steps, but doesn't. I've tested this scenario on bare-bones Windows Server 2008, physical and virtual machines.
Darryl Miller