[Samba] Can't set ACL with Windows XP - why?

Manuel Graumann mgraumann at gc-heat.de
Sun Nov 5 15:01:09 GMT 2006

Hi there,

finally all seems to be working. Samba 3 as PDC with LDAP Backend. Even ACLs
are possible with the command line tool setfacl. These ACLs work fine in
Samba and are displayed correctly in the Windows filemanager in the

But one thing remains unsolved: why can't I set those ACLs directly from my
Windows client machine? If I try to modify the ACL I always get a message
that my settings have not been saved and an "Access denied".

Share definition:

comment = Fileserver Root
path = /data/srv/samba/root
admin users = '@Domain Admins'
read only = No
inherit acls = Yes

# getfacl /data/srv/samba/root
# file: root
# owner: root
# group: Domain\040Admins

The group "Domain Admins" has been granted SeDiskOperatorPrivilege.
The user trying to change the ACLs from Windows is a member of the group
"Domain Admins"

Any suggestions would be appeciated.



More information about the samba mailing list