samba "dos filemode" ACL problem

zeropoint jpsergent at
Tue Jan 20 21:53:30 GMT 2009

Maybe someone knows what I'm doing wrong, I'm getting the feeling it must be
a basic mistake. I have a samba server setup with with kerberos and ldap,
working fine. I have ACLs setup on my file system, and that is working, I
have both ACL and user_xattr set properly. I have set dos filemode = yes so
that users that are not owners can change file perms from windows. the
problem is, users with write privileges can add permissions and change
permissions for users in the security tab in windows, but they cannot delete
users from the list. I have done some troubleshooting, when I do a getfacl
on the folder that is being shared I get this:

# file: nixhome
# owner: Administrator
# group: ops

now if I go back in windows and try to delete the user bob, it doesn't give
me an error but bob just keeps poping back up in the list. If I go into
linux and remove the default:user:bob:r-x ACL and then go back to the
security tab in windows, I can then remove the user bob from the list just
fine. The user:bob:r-x ACL will then be deleted fine as well. I don't
understand why this is happening, and I'm racking my head over it. here is
my smb.conf 

        workgroup = TEST
        realm = TEST.LOCAL
        server string = Test Filer
        security = ADS
        password server = slc-dc-test1
        passdb backend = tdbsam
        use kerberos keytab = Yes
        idmap backend = ad
        winbind nss info = rfc2307
        winbind refresh tickets = Yes
        ea support = Yes
        store dos attributes = Yes
        dos filemode = Yes

        comment = nixhome
        path = /nixhome
        admin users = jpsop
        read only = No
        guest ok = Yes

otherwise everything else works wonderfully, it's just this one caveat.
thanks for your help in advance.
View this message in context:
Sent from the Samba - samba-technical mailing list archive at

More information about the samba-technical mailing list