Bug 5561 - couldn't delete ACL entries
couldn't delete ACL entries
Status: NEW
Product: Samba 3.0
Classification: Unclassified
Component: winbind
x86 FreeBSD
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
: 5562 (view as bug list)
Depends on:
  Show dependency treegraph
Reported: 2008-06-24 05:22 UTC by murzeg
Modified: 2008-06-24 06:03 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description murzeg 2008-06-24 05:22:58 UTC
Couldn't delete ACL entries on directory from Windows XP clients (through Permissions tab).
When deleting any ACE group or user it disappears till pressing Apply button, when applying it appears again. No notifications such "Access denied" doesn't appear.

Strange thing when removing ACL through FreeBSD (file server itself). Applying "setfacl -b" on directory removes all ACL exept default, BUT from Windows client, it still seen like it wasn't removed (only permissions checkpoints removed from that ACE).

This bug absolutely doen't appear in Samba 3.0.24, but in this version another bug with "ACL set when group being set is the primary group" appears, and it fixed only after version 3.0.28

File server OS - FreeBSD 6.3
Samba 3.0.28

User database stores on W2k3 server AD

#Conf files


	default_realm = MYDOMAIN.LOCAL
	default_tkt_enctypes = rc4-hmac des3-cbc-sha1 des-cbc-crc des-cbc-md5
	default_tgs_enctypes = rc4-hmac des3-cbc-sha1 des-cbc-crc des-cbc-md5
	permitted_enctypes = rc4-hmac des3-cbc-sha1 des-cbc-crc des-cbc-md5

        kdc = srvmain.mydomain.local
        admin_server = srvmain.mydomain.local
    .srvmain.mydomain.local = MYDOMAIN.LOCAL


group: files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files
shadow: files winbind


#======================= Global Settings =====================================

   workgroup = MYDOMAIN
   netbios name = FREE
   server string = Samba %v on %L
   security = ads
   password server = srvmain.mydomain.local
   max log size = 50000

encrypt passwords = yes
smb ports = 445 139
log level = 10
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/winnt/%D/%U

   display charset = cp1251
   unix charset = cp1251
   dos charset = cp866

   nt acl support = yes
   dns proxy = no 
   log file = /var/log/samba/%m.%U.log
   load printers = no

#============================ Share Definitions ==============================
   comment = My share
   path = /usr/newshare
   valid users = "@UFPS\Domain Users"
   admin users = MYDOMAIN\murzeg
   nt acl support = yes
   comment = Home Directories
   browseable = no
   writable = yes

logon path =
logon drive =
logon home =
Comment 1 Volker Lendecke 2008-06-24 06:03:33 UTC
*** Bug 5562 has been marked as a duplicate of this bug. ***