Reassign permision after migrating Windows File Server to S3 and access through SMB file share in Storage Gateway


I have 20 TB data in Windows File Server on premises and want to migrate to S3 and access through SMB file share in Storage Gateway. As I understand about process, I have to join Gateway to AD and reassign permision for all folder and file in SMB File share with AD. I have more than 1000 folder and it will take time to do. Anyone have better way to reassign permision?

  • Sorry to say, but this might be painful and yes, will cost many hours. What is your use case for the migrated files? If you can, arrange permissions from the highest level possible. Some files won't need to be accessed at all (e.g. archived)?

    And even a smart script will have to crawl all directories to read the current permissions and apply them to the migrated directories.

  • I want to use hybrid cloud solution. Storgate Gateway Servers will have 3TB storage for caching frequently access file. The only concern about solution to reassign permission after migrating (a lot of department, complex directory structure)

3 Answers

Moving 20TB is not the problem, in this case not even the average size of the files. The problem posted is that someone or even a script, has to crawl directories to set permissions on the target. I can't see a solution for this to quicken.

answered a year ago
  • Hello!

    If files will have individual permissions there is no way than crawl all of them. Ideally, you'd have a structure that allows for folder level permissions that would translate to prefixes in S3, you can then set access permissions per prefix.

    I hope this helps.


Hi there.

Regardless of the time it will take to configure doing this over the Internet or via an AWS Direct Connect channel, 20TB is a lot of information and will take a lot of time to move. I would recommend you check AWS Snowball and use a Snowball Edge device to copy this data into AWS. It will get directly imported into your S3 bucket.

Here is how AWS Snowball Edge works.

How AWS Snowball Edge works

I hope this helps.

profile pictureAWS
answered a year ago

As I read it, the problem is not the transport of bytes, but of permissions. Permissions come in two main flavours; local (in the filesystem/bucket/object) or externally (like AD or AWS directory services). Therefore you will need a service which A. can read existing permissions per file/directory and B. can store comparable permissions along with the file/directory.

p.s.1 20TiB equals 20,480 GiB, which equals 204,800 giB (small 'g'), which easily can be compared along a 10Gbps or 100MBps network. p.s.2 High transfer speeds are possible with block storage, but for file/objects, the amount (number) of these is of much more influence).

BR, Henk

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions