Blog: NTFS

Robocopy Incorrectly Detects Files as Newer When Copying Between Different File Systems

Aug 20, 2010, 10:40 PM -05:00

I came across a problem in one of our automated Robocopy command scripts when copying files from NTFS to EMC Celerra file system. The problem was that every time Robocopy was told to copy files to the EMC Celerra over the VPN, the files were always detected as “newer” on from the originating source. This caused Robocopy to copy every single file from our network to the remote network each and every time.

I came across a command line switch for Robocopy: /FFT : Assume FAT File Times (2-second date/time granularity). So what this does is force Robocopy to use FAT style time stamps which are 2-second granularity. It allows enough flexibility to account for the way the time is recorded when doing a file copy from NTFS to another file system. This is needed when going between and NTFS and Linux/Unix/FAT or emulated file system.

Networking VPN Linux Robocopy NTFS EMC

Configuring NTFS Audit Policies via Group Policy

Jul 27, 2010, 8:05 AM -05:00

I needed to turn on NTFS file system auditing for two specific application EXE files on 30+ servers. I didn’t want to have to touch each server individually, so I decided to look into applying the audit settings centrally using group policy. Using the Security Templates snap-in for MMC on one of the systems I wanted to set up auditing for, I was able to configure a custom file system security policy.

Security Templates Snap-in:

Within the Security Templates MMC: [more]

Define a new, empty security template
Expand the new Template
Right click on the File System section
Select "Ad File..."
Browse to the file you want to ad a group policy enforced ACL to
Configure your desired access controls/audit settings
Set appropriate inheritance options
Once the policy settings you want are complete, right click the security template name
Select "Save As..."
Save the INF file somewhere
Delete the security template

In my case, I only wanted to apply the audit policy portion of the ACL (not the file system permissions), so I opened the INF file and removed the permission settings that started with “D:PAR” and just left the “S:AR” settings.

Then, using the Group Policy Management console, I was able to create a new group policy object and import my file system auditing settings from the INF. I then applied the group policy to the proper OUs and waited for the new settings to get applied. Everything worked like a charm. The completed policy looks like this (in the Group Policy Management HTM view):

Networking Windows 2003 Server NTFS group policy

NTFS Undelete

Sep 16, 2009, 9:33 PM -05:00

NTFS Undelete is a free software utility that recovers deleted files that are no longer in the recycle bin. Of course, you're hoping something hasn't overwritten any of the deleted file. An ISO image is also provided if you want to run NTFSUndelete from a CD rather than installing the program after deleting a file. (The ISO image is not bootable, just used to run NTFSUndelete from the CD.) [more]

http://ntfsundelete.com

The user interface is easy to understand and there are some helpful advanced search options (date, size filters as well as file names, etc.)

Networking Windows Vista Software Utility Windows 7 NTFS tools Windows XP