[Samba] Can't change directory owner

Rowland Penny rpenny at samba.org
Tue Feb 7 14:09:54 UTC 2023

On 07/02/2023 12:23, Andrea Cucciarre via samba wrote:
> Hello,
> I am struggling to change the owner of directories in Samba share, from a
> windows client.
> In the Samba logs I can see the following error message:
> [2023/02/06 13:23:31.624803,  3]
> ../../source3/modules/nfs4_acls.c:1042(smb_set_nt_acl_nfs4)
>    chown New folder, 11150, 4294967295 failed. Error =
> This points to the try_chown() in samba code, and as far as I can see it
> should allow the chown if the user has the SeRestorePrivilege.
>  From windows I have added the SeRestorePrivilege to that user, and actually
> it seems samba can see it:
> # net rpc rights list 'DOMAIN\user' -S X.X.X.X -U Administrator
> SeBackupPrivilege
> SeRestorePrivilege
> So I can't understand why Samba doesn't recognize the SeRestorePrivilege
> when handling a chown.
> Regards
> Andrea

I think we are going to need more info here, starting with the current 
smb.conf (as shown by 'testparm -s'), the output of 'getent passwd 
DOMAIN\\user', the permissions set on the directory at the moment.

Your error message seems to be coming from the block of code in try_chown:

	/* only allow chown to the current user. This is more secure,
	   and also copes with the case where the SID in a take ownership ACL is
	   a local SID on the users workstation
	if (uid != get_current_uid(fsp->conn)) {


More information about the samba mailing list