[Samba] Can't set ACL with Windows XP - why?

Manuel Graumann mgraumann at gc-heat.de
Sun Nov 5 15:01:09 GMT 2006


Hi there,

finally all seems to be working. Samba 3 as PDC with LDAP Backend. Even ACLs
are possible with the command line tool setfacl. These ACLs work fine in
Samba and are displayed correctly in the Windows filemanager in the
security-tab.

But one thing remains unsolved: why can't I set those ACLs directly from my
Windows client machine? If I try to modify the ACL I always get a message
that my settings have not been saved and an "Access denied".

Share definition:

[fsroot]
comment = Fileserver Root
path = /data/srv/samba/root
admin users = '@Domain Admins'
read only = No
inherit acls = Yes

# getfacl /data/srv/samba/root
# file: root
# owner: root
# group: Domain\040Admins
user::rwx
group::rwx
other::rwx

The group "Domain Admins" has been granted SeDiskOperatorPrivilege.
The user trying to change the ACLs from Windows is a member of the group
"Domain Admins"

Any suggestions would be appeciated.

Regards

Manuel



More information about the samba mailing list