On a Windows 2003 system it is not allowed to change the ACLs from a normal domuser. The corresponding checkbox is grayed out on the ACL editor(only on client side). Therefore it impossible for the client to make changes on the ACL. Connection the client to a SAMBA server shows a different behavior. The checkbox is active and the domuser can change the ACL.
In the meantime, Stefan Metzmacher has found the solution for this. It is the share acls that make the difference. Full control granted via the share acls enables acl setting remotely even on W2k3. Probably one of my test systems was not properly configured. We're working on this. Thanks for the bug report!
Update: I've talked to people from Microsoft at SambaXP, and it was not immediately clear how this is exactly supposed to work. MS will soon respond. Volker
Lowering severity.
Created attachment 6666 [details] Patch for master This is a patch for master. Stefan, can you take a look? This survives my initial testing. Volker
Comment on attachment 6666 [details] Patch for master I've pushed this to autobuild
Created attachment 6682 [details] Patch for v3-6-test
(In reply to comment #6) > Created attachment 6682 [details] > Patch for v3-6-test Pushed to v3-6-test. The patches do not apply to v3-5-test, the bug report is against 3.5. Volker/Metze, is there a chance to get a backport for 3.5?
Metze, is there a chance to get a backport for 3.5?
Maybe for 3.5.12, I'm not sure if I have the time to do it for 3.5.11, as the patches doesn't apply in 3.5.
I don't think this will make it into any 3.5 release anymore