Throughout my time in IT, I have come across this issue more times than I can count. And it pops up on both sides of the fence; both users and administrators make the same mistakes and have the same misconceptions. It is more common to run into these sorts of permissions problems in larger organizations where permission-based file and data access is important (Hundreds/Thousands of users all having different file/folder permissions in a DFS environment). The default behaviour of copy and move is a bit more intuitive post 2008/Vista operating systems, but there are still differences that should be taken into account and explained.

Windows Server 2003/Windows XP (and earlier)

Copy: Permissions are inherited from the destination.

Move: Permissions are retained from the original location. This throws most people off. I have heard two reasons for this behaviour:

  • In some cases, permissions may allow a user to move a file or folder to a new location that they do not have the same rights to. By retaining the permissions, it protects a user from losing permissions for that file or folder.
  • The second reason, if the destination is on the same physical disk as the origin, is that a move simply changes the pointer rather than moves the file. The file doesn’t actually change. However, if moving from one physical disk/partition to another, the permissions are inherited from the destination.

Windows Server 2008/Windows Vista (and later)

Copy: Permissions are inherited from the destination.

Move: Permissions are inherited from the destination. The move behaviour is different in the new File Explorer, in that it treats a move as a copy, paste, delete so that the file is created in the new location rather than having its pointer updated. This makes things much easier to administer, and gives users less chance to accidentally create file/folder structures with incorrect permissions without knowing.

A caveat!

While the move process has changed in the new File Explorer, command line moves have not! This means, regardless of the operating system, a move using CMD will behave the same way as Windows Server 2003/XP and older. That is, a move will retain original permissions if it occurs on the same drive or partition.