Failure of ACL setting for CIFS share resource on Windows client logined with administrator account RRS feed

  • Question

  • Hi,
      We accounter a puzzle of ACL setting for a CIFS share resource. In our application, we use the administrator account to login a Windows 7 OS which is used as the CIFS client. We can access the share resource by "\\server_ip" on  this CIFS client,  but we can't add a new ACE to the ACL of a CIFS share resource provided by a CIFS server. Why dose this hanppen? Note that the CIFS server maybe a Windows OS or a self-developed CIFS server. 
      The operation details as followed:
    1.Access the share resource by "\\server_ip", login the CIFS server by a valid account on the CIFS server.
    2.On the Windows client, select the "Security" panel in the mouse-right-button properties dialog of a cifs share resource.
    3.To add a new ACE for someone eg. user0, we input "user0" in the "Select Users ans Groups" dialog popped up.
    4.Click OK, but the Windows client will not get the user information for user0 from the CIFS server. WHY?
    5.By wireshare network trace, we find the Windows client didn't send any SAMR requests to the CIFS server.
    6.Restart the Windows client OS and login again with another account except administrator, carry out the above operations. We find that the Windows client can get the user information, opposite with the step 4 above. WHY?
    7.By wireshare network trace, we find that the Windows client has sent SAMR requests to the CIFS server to get user informations. But that is different from step 5,  WHY?
    If the Windows client OS is login with administrator account, is there any configuration on Windows client to decide whether request user information on CIFS server when setting ACL for CIFS share resource?
    Expect your help.Thanks.
    Best wishes.
    Tuesday, January 13, 2015 7:09 PM