Merge pull request #219152 from sipastak/dbd-metadata-2

liljack17 · web-flow · commit dcb91239e0c1 · 2022-12-27T08:33:58.000-08:00
DBD metadata
diff --git a/articles/databox/TOC.yml b/articles/databox/TOC.yml
@@ -161,6 +161,8 @@
         href: data-box-disk-limits.md
       - name: Review security 
         href: data-box-disk-security.md 
+      - name: Transfer ACLs and metadata
+        href: data-box-disk-file-acls-preservation.md 
       - name: FAQ
         href: data-box-disk-faq.yml  
     - name: How to
diff --git a/articles/databox/data-box-deploy-copy-data.md b/articles/databox/data-box-deploy-copy-data.md
@@ -7,7 +7,7 @@ author: alkohli
 ms.service: databox
 ms.subservice: pod
 ms.topic: tutorial
-ms.date: 08/26/2022
+ms.date: 11/18/2022
 ms.author: alkohli
 
 # Customer intent: As an IT admin, I need to be able to copy data to Data Box to upload on-premises data from my server onto Azure.
diff --git a/articles/databox/data-box-disk-deploy-copy-data.md b/articles/databox/data-box-disk-deploy-copy-data.md
@@ -7,7 +7,7 @@ author: alkohli
 ms.service: databox
 ms.subservice: disk
 ms.topic: tutorial
-ms.date: 10/12/2022
+ms.date: 11/18/2022
 ms.author: alkohli
 
 # Customer intent: As an IT admin, I need to be able to order Data Box Disk to upload on-premises data from my server onto Azure.
@@ -53,6 +53,7 @@ Review the following considerations before you copy the data to the disks:
 
 - It is your responsibility to ensure that you copy the data to folders that correspond to the appropriate data format. For instance, copy the block blob data to the folder for block blobs. If the data format does not match the appropriate folder (storage type), then at a later step, the data upload to Azure fails.
 - While copying data, ensure that the data size conforms to the size limits described in the [Azure storage and Data Box Disk limits](data-box-disk-limits.md).
+- If you want to preserve metadata (ACLs, timestamps, and file attributes) when transferring data to Azure Files, follow the guidance in [Preserving file ACLs, attributes, and timestamps with Azure Data Box Disk](data-box-disk-file-acls-preservation.md).
 - If data that is being uploaded by Data Box Disk is concurrently uploaded by other applications outside of Data Box Disk, this could result in upload job failures and data corruption.
 
    > [!IMPORTANT]
diff --git a/articles/databox/data-box-disk-file-acls-preservation.md b/articles/databox/data-box-disk-file-acls-preservation.md
@@ -0,0 +1,119 @@
+---
+title: Preserving file ACLs, attributes, and timestamps with Azure Data Box disk
+description: ACLs, timestamps, and attributes preserved during data copy to Azure Data Box Disk. Copying metadata with Windows and Linux data copy tools.  
+services: databox
+author: alkohli
+
+ms.service: databox
+ms.subservice: pod
+ms.topic: conceptual
+ms.date: 12/22/2022
+ms.author: alkohli
+---
+
+# Preserving file ACLs, attributes, and timestamps with Azure Data Box disk
+
+Azure Data Box Disk lets you preserve access control lists (ACLs), timestamps, and file attributes when sending data to Azure. This article describes the metadata that you can transfer when copying data to Data Box Disk to upload it to Azure Files. 
+
+## Transferred metadata
+
+ACLs, timestamps, and file attributes are the metadata that is transferred when the data from Data Box Disk is uploaded to Azure Files. In this article, ACLs, timestamps, and file attributes are referred to collectively as *metadata*.
+
+The metadata can be copied with Windows data copy tools. Metadata isn't preserved when transferring data to blob storage.
+
+The subsequent sections of the article discuss in detail as to how the timestamps, file attributes, and ACLs are transferred when the data from Data Box Disk is uploaded to Azure Files. 
+
+[!INCLUDE [data-box-transferred-metadata](../../includes/data-box-transferred-metadata.md)]
+
+## ACLs
+
+Depending on the transfer method used and whether you're using a Windows or Linux client, some or all discretionary and default access control lists (ACLs) on files and folders may be transferred during the data copy to Azure Files.
+ 
+> [!NOTE]
+> Files with ACLs containing conditional access control entry (ACE) strings are not copied. This is a known issue. To work around this, copy these files to the Azure Files share manually by mounting the share and then using a copy tool that supports copying ACLs.
+
+## Copying data and metadata
+
+To transfer the ACLs, timestamps, and attributes for your data, use the following procedures to copy data into the Data Box.
+
+### Windows data copy tool
+
+To copy data to your Data Box Disk, use a file copy tool such as `robocopy`. The following sample command copies all files and directories, transferring metadata along with the data.
+
+```console
+robocopy <Source> <Target> * /copyall /e /dcopy:DAT /B /r:3 /w:60 /is /nfl /ndl /np /MT:32 or 64 /fft /log+:<LogFile>
+```
+
+where
+
+|Option |Description |
+|------------------- | ----- |
+|`/copyall` |Copies all attributes.|
+|`/e`      |Copies subdirectories, including empty directories.         |
+|`/dcopy:DAT`  |Copies data, attributes, and timestamps. Note: The /dcopy:DAT option must be used to transfer `CreationTime` on directories. |
+|`/B`      |Copies files in Backup mode. |
+|`/r:3`    |Specifies 3 retries on failed copies.         |
+|`/w:60`   |Specifies a wait time of 60 seconds between retries.         |
+|`/is`     |Includes the same files.         |
+|`/nfl`    |Does not log file names.         |
+|`/ndl`    |Does not log directory names.        |
+|`/np`     |Does not display progress of the copying operation.         |
+|`/MT:32 or 64`  |Uses multithreading, with 32 or 64 threads.           |
+|`/fft`    |Reduces time stamp granularity for any file system.        |
+|`/log+:<LogFile>`  |Appends the output to the existing log file.|
+
+For more information on these `robocopy` parameters, see [Tutorial: Copy data to Azure Data Box via SMB](./data-box-deploy-copy-data.md)
+
+> [!NOTE]
+> If you use `/copyall` to copy your data, the source ACLs on directories and files are transferred to Azure Files. If you only had read-access on your source data and could not modify the source data, you'll have read-access only on the data in the Data Box Disk. Use `/copyall` only if you intend to copy all the ACLs on the directories and files along with the data.
+
+#### Use robocopy to list, copy, modify files on Data Box disk
+
+Here are some of the common scenarios you'll use when copying data using `robocopy`.
+
+- **Copy only data to Data Box Disk, no ACLs on directories and files**
+
+    Use the `/dcopy:DAT` option to only copy data, attributes, timestamps. ACLs on directories and files are not copied.
+
+- **Copy data and ACLs on directories and files to Data Box Disk**
+
+    Use `/copyall` to copy all the source data including all the ACLs on directories and files.
+
+- **List the filesystem on Data Box Disk using robocopy**
+
+    Use this command to list directory contents:
+
+    `robocopy <source-dir> NULL /l /s /xx /njh /njs /fp /B`
+
+    Note that the File Explorer doesn't allow you to list these files.
+    
+- **Copy or delete folders and files on Data Box Disk**
+
+    Use this command to copy a single file:
+
+    `robocopy <source-dir> <destination-dir> <file-name> /B`
+
+    Use this command to delete a single file:
+
+    `robocopy <source-dir> <destination-dir> <file-name> /purge /B`
+
+    In the above command, the `<source-dir>` should not have the file: `<file-name>`. Then, the above command syncs the destination with the source, resulting in the removal of the file from the destination.
+
+    Note that the File Explorer may not allow you to perform the above operations.
+
+For more information, see [Using robocopy commands](/windows-server/administration/windows-commands/robocopy).
+
+### Linux data copy tools
+
+Transferring metadata in Linux is a two-step process. First, you copy the source data using a tool such as `rsync`, which does not copy metadata. After you copy the data, you can copy the metadata using a tool such as `smbcacls` or `cifsacl`.
+
+The following sample commands do the first step, copying the data using `rsync`. 
+
+```console
+cp -aR /etc /opt/ 
+rsync -avP /etc /opt (-a copies a directory)
+```
+
+## Next steps
+
+- [Copy data to Azure Data Box Disk](data-box-disk-deploy-copy-data.md)
diff --git a/articles/databox/data-box-file-acls-preservation.md b/articles/databox/data-box-file-acls-preservation.md
@@ -7,7 +7,7 @@ author: alkohli
 ms.service: databox
 ms.subservice: pod
 ms.topic: conceptual
-ms.date: 09/12/2022
+ms.date: 11/18/2022
 ms.author: alkohli
 ---
 
@@ -23,37 +23,8 @@ The metadata can be copied with Windows and Linux data copy tools. Metadata isn'
 
 The subsequent sections of the article discuss in detail as to how the timestamps, file attributes, and ACLs are transferred when the data from Data Box is uploaded to Azure Files. 
 
-## Timestamps
+[!INCLUDE [data-box-transferred-metadata](../../includes/data-box-transferred-metadata.md)]
 
-The following timestamps are transferred:
-- CreationTime
-- LastWriteTime
-
-The following timestamp isn't transferred:
-- LastAccessTime
-
-## File attributes
-
-File attributes on both files and directories are transferred unless otherwise noted.
-
-The following file attributes are transferred:
-- FILE_ATTRIBUTE_READONLY (file only)
-- FILE_ATTRIBUTE_HIDDEN
-- FILE_ATTRIBUTE_SYSTEM
-- FILE_ATTRIBUTE_DIRECTORY (directory only)
-- FILE_ATTRIBUTE_ARCHIVE
-- FILE_ATTRIBUTE_TEMPORARY (file only)
-- FILE_ATTRIBUTE_NO_SCRUB_DATA
-
-The following file attributes aren't transferred:
-- FILE_ATTRIBUTE_OFFLINE
-- FILE_ATTRIBUTE_NOT_CONTENT_INDEXED
-  
-Read-only attributes on directories aren't transferred.
-
-## Alternate data streams and extended attributes
-
-[Alternate data streams](/openspecs/windows_protocols/ms-fscc/e2b19412-a925-4360-b009-86e3b8a020c8) and extended attributes are not supported in Azure Files, page blob, or block blob storage, so they are not transferred when copying data. 
 
 ## ACLs
 
@@ -121,89 +92,7 @@ The following default ACLs are transferred:
 
 - Security descriptors with these properties: DACL, Owner, Group, SACL
 
-## Copying data and metadata
-
-To transfer the ACLs, timestamps, and attributes for your data, use the following procedures to copy data into the Data Box.
-
-### Windows data copy tool
-
-To copy data to your Data Box via SMB, use an SMB-compatible file copy tool such as `robocopy`. The following sample command copies all files and directories, transferring metadata along with the data.
-
-When using the `/copyall` or `/dcopy:DAT` option, make sure the required Backup Operator privileges aren't disabled. For more information, see [Use the local web UI to administer your Data Box and Data Box Heavy](./data-box-local-web-ui-admin.md).
-
-```console
-robocopy <Source> <Target> * /copyall /e /dcopy:DAT /B /r:3 /w:60 /is /nfl /ndl /np /MT:32 or 64 /fft /log+:<LogFile>
-```
-
-where
-
-|Option |Description |
-|------------------- | ----- |
-|`/copyall` |Copies all attributes.|
-|`/e`      |Copies subdirectories, including empty directories.         |
-|`/dcopy:DAT`  |Copies data, attributes, and timestamps. Note: The /dcopy:DAT option must be used to transfer `CreationTime` on directories. |
-|`/B`      |Copies files in Backup mode. |
-|`/r:3`    |Specifies 3 retries on failed copies.         |
-|`/w:60`   |Specifies a wait time of 60 seconds between retries.         |
-|`/is`     |Includes the same files.         |
-|`/nfl`    |Does not log file names.         |
-|`/ndl`    |Does not log directory names.        |
-|`/np`     |Does not display progress of the copying operation.         |
-|`/MT:32 or 64`  |Uses multithreading, with 32 or 64 threads.           |
-|`/fft`    |Reduces time stamp granularity for any file system.        |
-|`/log+:<LogFile>`  |Appends the output to the existing log file.|
-
-For more information on these `robocopy` parameters, see [Tutorial: Copy data to Azure Data Box via SMB](./data-box-deploy-copy-data.md)
-
-> [!NOTE]
-> If you use `/copyall` to copy your data, the source ACLs on directories and files are transferred to Azure Files. If you only had read-access on your source data and could not modify the source data, you'll have read-access only on the data in the Data Box. Use `/copyall` only if you intend to copy all the ACLs on the directories and files along with the data.
-
-#### Use robocopy to list, copy, modify files on Data Box
-
-Here are some of the common scenarios you'll use when copying data using `robocopy`.
-
-- **Copy only data to Data Box, no ACLs on directories and files**
-
-    Use the `/dcopy:DAT` option to only copy data, attributes, timestamps. ACLs on directories and files are not copied.
-
-- **Copy data and ACLs on directories and files to Data Box**
-
-    Use `/copyall` to copy all the source data including all the ACLs on directories and files.
-
-- **List the filesystem on Data Box using robocopy**
-
-    Use this command to list directory contents:
-
-    `robocopy <source-dir> NULL /l /s /xx /njh /njs /fp /B`
-
-    Note that the File Explorer doesn't allow you to list these files.
-    
-- **Copy or delete folders and files on Data Box**
-
-    Use this command to copy a single file:
-
-    `robocopy <source-dir> <destination-dir> <file-name> /B`
-
-    Use this command to delete a single file:
-
-    `robocopy <source-dir> <destination-dir> <file-name> /purge /B`
-
-    In the above command, the `<source-dir>` should not have the file: `<file-name>`. Then, the above command syncs the destination with the source, resulting in the removal of the file from the destination.
-
-    Note that the File Explorer may not allow you to perform the above operations.
-
-For more information, see [Using robocopy commands](/windows-server/administration/windows-commands/robocopy).
-
-### Linux data copy tools
-
-Transferring metadata in Linux is a two-step process. First, you copy the source data using a tool such as `rsync`, which does not copy metadata. After you copy the data, you can copy the metadata using a tool such as `smbcacls` or `cifsacl`.
-
-The following sample commands do the first step, copying the data using `rsync`. 
-
-```console
-cp -aR /etc /opt/ 
-rsync -avP /etc /opt (-a copies a directory)
-```
+[!INCLUDE [data-box-copy-data-and-metadata](../../includes/data-box-copy-data-and-metadata.md)]
 
 ## Next steps
 
diff --git a/includes/data-box-copy-data-and-metadata.md b/includes/data-box-copy-data-and-metadata.md
@@ -0,0 +1,91 @@
+---
+author: sipastak
+ms.service: databox  
+ms.topic: include
+ms.date: 11/18/2022
+ms.author: sipastak
+---
+
+## Copying data and metadata
+
+To transfer the ACLs, timestamps, and attributes for your data, use the following procedures to copy data into the Data Box.
+
+### Windows data copy tool
+
+To copy data to your Data Box via SMB, use an SMB-compatible file copy tool such as `robocopy`. The following sample command copies all files and directories, transferring metadata along with the data.
+
+When using the `/copyall` or `/dcopy:DAT` option, make sure the required Backup Operator privileges aren't disabled. For more information, see [Use the local web UI to administer your Data Box and Data Box Heavy](/azure/databox/data-box-local-web-ui-admin).
+
+```console
+robocopy <Source> <Target> * /copyall /e /dcopy:DAT /B /r:3 /w:60 /is /nfl /ndl /np /MT:32 or 64 /fft /log+:<LogFile>
+```
+
+where
+
+|Option |Description |
+|------------------- | ----- |
+|`/copyall` |Copies all attributes.|
+|`/e`      |Copies subdirectories, including empty directories.         |
+|`/dcopy:DAT`  |Copies data, attributes, and timestamps. Note: The /dcopy:DAT option must be used to transfer `CreationTime` on directories. |
+|`/B`      |Copies files in Backup mode. |
+|`/r:3`    |Specifies 3 retries on failed copies.         |
+|`/w:60`   |Specifies a wait time of 60 seconds between retries.         |
+|`/is`     |Includes the same files.         |
+|`/nfl`    |Does not log file names.         |
+|`/ndl`    |Does not log directory names.        |
+|`/np`     |Does not display progress of the copying operation.         |
+|`/MT:32 or 64`  |Uses multithreading, with 32 or 64 threads.           |
+|`/fft`    |Reduces time stamp granularity for any file system.        |
+|`/log+:<LogFile>`  |Appends the output to the existing log file.|
+
+For more information on these `robocopy` parameters, see [Tutorial: Copy data to Azure Data Box via SMB](/azure/databox/data-box-deploy-copy-data)
+
+> [!NOTE]
+> If you use `/copyall` to copy your data, the source ACLs on directories and files are transferred to Azure Files. If you only had read-access on your source data and could not modify the source data, you'll have read-access only on the data in the Data Box. Use `/copyall` only if you intend to copy all the ACLs on the directories and files along with the data.
+
+#### Use robocopy to list, copy, modify files on Data Box
+
+Here are some of the common scenarios you'll use when copying data using `robocopy`.
+
+- **Copy only data to Data Box, no ACLs on directories and files**
+
+    Use the `/dcopy:DAT` option to only copy data, attributes, timestamps. ACLs on directories and files are not copied.
+
+- **Copy data and ACLs on directories and files to Data Box**
+
+    Use `/copyall` to copy all the source data including all the ACLs on directories and files.
+
+- **List the filesystem on Data Box using robocopy**
+
+    Use this command to list directory contents:
+
+    `robocopy <source-dir> NULL /l /s /xx /njh /njs /fp /B`
+
+    Note that the File Explorer doesn't allow you to list these files.
+    
+- **Copy or delete folders and files on Data Box**
+
+    Use this command to copy a single file:
+
+    `robocopy <source-dir> <destination-dir> <file-name> /B`
+
+    Use this command to delete a single file:
+
+    `robocopy <source-dir> <destination-dir> <file-name> /purge /B`
+
+    In the above command, the `<source-dir>` should not have the file: `<file-name>`. Then, the above command syncs the destination with the source, resulting in the removal of the file from the destination.
+
+    Note that the File Explorer may not allow you to perform the above operations.
+
+For more information, see [Using robocopy commands](/windows-server/administration/windows-commands/robocopy).
+
+### Linux data copy tools
+
+Transferring metadata in Linux is a two-step process. First, you copy the source data using a tool such as `rsync`, which does not copy metadata. After you copy the data, you can copy the metadata using a tool such as `smbcacls` or `cifsacl`.
+
+The following sample commands do the first step, copying the data using `rsync`. 
+
+```console
+cp -aR /etc /opt/ 
+rsync -avP /etc /opt (-a copies a directory)
+```
diff --git a/includes/data-box-transferred-metadata.md b/includes/data-box-transferred-metadata.md
