BACKGROUND: I am trying to migrate a Windows XP Pro-based file server to a Linux-based x86 system running Samba. I just cleanly installed Fedora Core 2 on the system, and I am using the default Samba package that came with it (3.0.3-5). My network is running a NT4 PDC for authentication, and I am using winbind to integrate into the domain. I am running EXT3 on my linux box, and I have turned on the user_xattr and acl mount options on the FS on which my share resides. PROBLEM: The XP system has many files with ACLs that I would like to preserve. When using the "xcopy /O" command from the WinXP command prompt to try to copy these files to my Linux box, it comes up with an "Access Denied" error. The file size on the Linux box becomes 0 and the ACLs are not preserved at all. I also made sure that none of the users in the ACL were local users, and that they were all domain users, but the problem still exists. However, I can set ACLs on files residing on the Linux box from WinXP, and that appears to work fine.
Could you try the patch from http://lists.samba.org/archive/samba-cvs/2004-July/050023.html and set 'force unknown acl user = yes'. Even if you have set the owners to domain users, your installation might stumble over the owning groups that do also exists in NT security descriptors.
Yes, this patch fixes it. Is this going to be in the main release tree in the future? Why was this feature disabled for Samba 3.0?
Great! The patch is already part of 3.0.5rc1 and will thus be part of 3.0.5 later on. The bug can be closed now (what I can not do myself).
Lets see if I can mark bugs as resolved.... Volker