ACL woes

[Scott Mann]

Hi All,

I've got Samba 2.2.2 and a 2.4.14 kernel with XFS and 
tools (acl-1.1.3, attr-1.1.3, xfsprogs-1.3.13).
I'm also using winbind to authenticate against a W2K DC.

ACLs seem to work, but attributes (like modify privilege without delete
privilege)
seem not to. If I create a directory on a samba share via W2K
as the domain administrator, I can grant "Full Control" to another
user (say, for example, Guest). The user Guest effectively gets rwx.
However, 
for example, if Guest attempts to 
take ownership of the directory, it fails with an "access denied" error
message.
The smbd log file reports a chown error message.

None of the other standard W2K/NT attributes work properly. They always
result in a linux rwx-style permission set and attr -l reports nothing
(it
appears that there are no extended attributes).

I've attached my test smb.conf below.

Any help would be greatly appreciated!

Rgds,
Scott

[global]
         netbios name = ntauth-53
         workgroup = devtest
         server string = Resource Server
         security = domain
         password server = s-devdc
         load printers = no
         encrypt passwords = yes
         username map = /etc/smbusers
         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
         winbind separator = +
         winbind uid = 10000-59999
         winbind gid = 10000-59999
         winbind enum users = yes
         winbind enum groups = yes
[test]
         path = /storage/test
         comment = test
         writable = yes
         security mask = 0777
         directory security mask = 0777
         nt acl support = yes