Robocopy Manage Auditing user rights

How to Fix “You do not have the Manage Auditing user rights” Error in Robocopy –

by

When using Robocopy to transfer data between servers, particularly with advanced options like auditing and security permissions, you might encounter the following error:

“You do not have the Manage Auditing user rights.”

This message can be confusing, especially if you are running the command as an administrator. In this article, we’ll explain what causes this error and how to resolve it.

What Causes the Error?

The error occurs when Robocopy is used with the /COPYALL or /COPY:SOU switches, which instruct it to copy auditing (SACLs), ownership, and security information. Copying SACLs requires the user to have the “Manage auditing and security log” privilege, which is a sensitive right normally granted only to administrators or specific service accounts.

Step-by-Step Fix

Step 1: Understand the Switches You’re Using

Check your Robocopy command. If it includes:

  • /COPYALL (equivalent to /COPY:DATSOU)
  • /COPY:SOU
  • /COPY:A (auditing information)

You are instructing Robocopy to copy System Access Control Lists (SACLs), which triggers the requirement for special rights.

Step 2: Run as Administrator

Always ensure you’re running Command Prompt as Administrator. However, this alone is often not sufficient.

Step 3: Grant “Manage auditing and security log” Privilege

  1. Press Win + R, type secpol.msc, and press Enter to open Local Security Policy.
  2. Navigate to: pgsqlCopyEditSecurity Settings > Local Policies > User Rights Assignment
  3. Find and double-click Manage auditing and security log.
  4. Click Add User or Group…
  5. Add the user account you are running Robocopy with (e.g., your domain admin or service account).
  6. Click OK and restart the server or log out and back in.

Note: In domain environments, this may be controlled by Group Policy and might need to be done via gpmc.msc.

Step 4: Alternative – Modify the Robocopy Command

If you don’t need to copy auditing info, you can avoid the error by omitting the A (auditing) flag:

Replace:

CopyEdit/COPYALL

With:

makefileCopyEdit/COPY:DATSU

Or explicitly exclude auditing with:

makefileCopyEdit/COPY:DATSO

This allows copying data, attributes, timestamps, security (DACLs), owner, but not SACLs (auditing).

Final Thoughts

The “You do not have the Manage Auditing user rights” error is tied directly to security privileges in Windows. By either adjusting your Robocopy flags or assigning the required user rights, you can resolve the issue and ensure a successful file transfer.


Leave a Comment