[Samba] Samba and Windows ACL Issue

Tony Earnshaw tonye at billy.demon.nl
Wed Jun 1 15:36:25 GMT 2005

ons, 01.06.2005 kl. 16.43 skrev Ross McInnes:

> Thanks for the replies etc but the issue isnt actually an ACL one. (of
> sorts)

Ah. O.k.

>  I can change permissions on the users/group already assigned to the
> directory/file, i.e if its already owned by Administrator and Domain Admins,
> but I cannot replace them. i.e as Administrator I cannot remove the user
> administrator and put in ross instead, which is what I need to do.

If you are using POSIX ACLs, then what you can do from Windows is what
you can do with 'setfacl'. setfacl doesn't make it possible to change

>  Or even
> add ross to it.

>From Windows, again iIf you are using POSIX ACLs, you will be able to
add ross to it. If ACLs aren't working, then you can't.

> Ive tried doing the net -S Server -UAdministrator rpc rights grant
> 'DEV-DOMAIN\Administrator' SeTakeOwnershipPrivilege to no avail.
> Is this a support function? As john had pointed out on a *nix system root
> can do anything.


> To prove this, on my current production system I logged on to a share as
> root, I could change permissions etc nps. This system however uses standard
> passwd/smbpasswd and not the AD im trying to implement.
> Any more thoughts or sugestions gratefully received, else it may be that I
> have to look at a pure windows environment :/


mail: tonye at billy.demon.nl

Eg er bergenser og, eg, men, Trondheims-ordfører Marvin Wiseth:
«Bergenserne er flinke til å gjøre mye ut av lite» (uttalte seg over 17.
mai feiringen iår, men gjelder sannsynligvis og dette mel mitt).

More information about the samba mailing list