Bug 1504 - xcopy /O fails with Access Denied message
xcopy /O fails with Access Denied message
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control
All Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2004-07-02 18:03 UTC by Justin Maggard
Modified: 2004-07-12 09:24 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Justin Maggard 2004-07-02 18:03:22 UTC
BACKGROUND:  I am trying to migrate a Windows XP Pro-based file server to a
Linux-based x86 system running Samba.  I just cleanly installed Fedora Core 2 on
the system, and I am using the default Samba package that came with it
(3.0.3-5).  My network is running a NT4 PDC for authentication, and I am using
winbind to integrate into the domain.  I am running EXT3 on my linux box, and I
have turned on the user_xattr and acl mount options on the FS on which my share

PROBLEM:  The XP system has many files with ACLs that I would like to preserve.
 When using the "xcopy /O" command from the WinXP command prompt to try to copy
these files to my Linux box, it comes up with an "Access Denied" error.  The
file size on the Linux box becomes 0 and the ACLs are not preserved at all.  I
also made sure that none of the users in the ACL were local users, and that they
were all domain users, but the problem still exists.  However, I can set ACLs on
files residing on the Linux box from WinXP, and that appears to work fine.
Comment 1 Volker Lendecke 2004-07-03 02:08:01 UTC
Could you try the patch from
and set 'force unknown acl user = yes'. Even if you have set the owners to
domain users, your installation might stumble over the owning groups that do
also exists in NT security descriptors.
Comment 2 Justin Maggard 2004-07-09 15:28:16 UTC
Yes, this patch fixes it.  Is this going to be in the main release tree in the
future?  Why was this feature disabled for Samba 3.0?
Comment 3 Guenther Deschner 2004-07-10 13:48:05 UTC
Great! The patch is already part of 3.0.5rc1 and will thus be part of 3.0.5
later on. 

The bug can be closed now (what I can not do myself).
Comment 4 Volker Lendecke 2004-07-11 01:29:03 UTC
Lets see if I can mark bugs as resolved....