For a quick-N-dirty option:
Mirror source to target with source security permissions intact:
C:\> robocopy [source] [target] /MIR /SEC /SECFIX /r:1 /w:1
Create a log file of screen output:
Add /log:filename.txt /tee to above command string.
Notes on switch options:
The /tee switch gives you console output also – otherwise it’s hours of suspenseful cursor blinking.
/R:x Sets number of retries per file – default is 1,000,000 – Yeah… WTF?!?
/W:x Sets number of seconds to wait between retries – default is 30 seconds – Zoiks!
/MIR Mirrors source files/folders to target file system – However, it will also delete files/folders not on the source list, and skip files that kinda match existing files in the target location.
So if you’re restoring a burnt backup of the System or Boot partition, format it first… Then start the mirroring process. This also eliminates issues with the NTFS default System Information folder.
Ended up using this not too long ago during a ransomware recovery, that required a forced recovery from damaged backups.
It was a monolithic cluster
...But I got all of the clients data back minus only about 2 days of work.
(somebody opened an attachment..).
The ransomware had - somehow - managed to delete 3 years of versioned historical backups in the cloud, corrupt the local copy, and decimate the entire network … In less than an hour.https://www.cybereas...bi-ransomware-attack
Zoiks! What a