Created attachment 18427 [details] Debug log (level 10) of adding ACL Listing ACL's for Windows share: smbcacls //10.10.50.23/home /ctest -U czt-admin -W PUW -m SMB2 result: REVISION:1 CONTROL:SR|DI|DP OWNER:PUW\czt-admin GROUP:PUW\Domain Users ACL:PUW\czt-admin:ALLOWED/I/FULL ACL:CREATOR OWNER:ALLOWED/OI|CI|IO|I/FULL ACL:NT AUTHORITY\SYSTEM:ALLOWED/OI|CI|I/FULL ACL:BUILTIN\Administrators:ALLOWED/OI|CI|I/FULL add ACL: smbcacls //10.10.50.23/home /ctest -U czt-admin -W PUW -m SMB2 -a 'ACL:PUW\ctest:ALLOWED/OI|CI/FULL' and list once again: REVISION:1 CONTROL:SR|DP OWNER:PUW\czt-admin GROUP:PUW\Domain Users ACL:PUW\ctest:ALLOWED/OI|CI/FULL ACL:PUW\czt-admin:ALLOWED/I/FULL ACL:CREATOR OWNER:ALLOWED/OI|CI|IO|I/FULL ACL:NT AUTHORITY\SYSTEM:ALLOWED/OI|CI|I/FULL ACL:BUILTIN\Administrators:ALLOWED/OI|CI|I/FULL CONTROL changed from SR|DI|DP to SR|DP (automatic inheritance is lost). smbcacls Version 4.17.12-Debian