Windows NT Resource Kit utility SCOPY copies files and directories to and from NTFS partitions carrying along security ACLs intact. Windows NT COPY and XCOPY copy the files and directories but do not carry along the security information inherent within NTFS. Windows 2000 XCOPY incorporates the functionality of SCOPY (see below) SCOPY will not copy files to or from non-NTFS partitions. With this tool, you can copy or move a resource and maintain the ACLs.

Usage:

SCOPY {source} {destination} [/o] [/a] [/s]

/o Copies owner security information
/a Copies auditing information. Have to have Manage Auditing User Right on both the source and destination computers.
/s Copies all files in subdirectories. Recursive.

This utility is not found in the Windows 2000 Resource Kit. Instead, the functionality found in SCOPY is incorporated into an enhanced XCOPY :

/x copies the audit settings (same functionality as /a in SCOPY)
/o copies ACL information (to turnon scopy functionality)
/s copies subdirectories (same as SCOPY)

scopy works wonderfully when copy files between domain controllers. Unfortunately many sites use member servers for file servers. What this means is that each member server (like workstations) has its own SAM. If you copy files from one member server to another member server using scopy, every local group would appear as "Account Unknown" in the destination file's permissions list. Even if you thought ahead and created the same local groups, the same thing will happen because the group sids will be different even though, for example, the two groups are named itsgroup . smallwonders.com has a utility, Secure Copy , will avoid the "Account Unknown" gotcha! If a local group has permissions on a file in your source server, Secure Copy will create the local group on the destination server and modify the permissions list on the destination file to reflect the newly created local group.