8. Managing Files and Folders
8.1. In Linux
To view and modify extended ACLs in Linux, use the getfacl and setfacl commands, respectively. See the man pages of these commands for the proper syntax.
If you chose to include NFS ACL support in your Debian workstation, you will be able to run these commands from any Debian workstation that has access to the server. Otherwise, you will have to run these commands on the server itself.
8.2. In Windows
Due to the innate differences between the Windows and Linux security models, the Windows ACL dialog will behave slightly differently when accessing files from a Samba server.
For the most reliable view of file permissions, use the dialog's Advanced section.
On a Windows server, one is able to explicitly grant a user or group the rights to modify permissions. With a Samba server, only the owner of a file or folder may change its permissions. When modifying the ACLs of files via the ACL dialog, you will need to login as the user who owns those files in order to make the changes. For files that will be managed by multiple administrators, change the owner of those files to Administrator or some other common user. To modify permissions of these files via the ACL dialog, you will need to login as this user.
Also, inheritable permissions set on top-level directories in the Windows ACL dialog do not propagate to subdirectories unless you explicitly select the Replace permission entries on all child objects option in the dialog's Advanced section.
Apply To field contains subfolders and files. You can modify this field with the Edit dialog.
Replace permissions entries option will overwrite whatever permissions exist below the top-level directory, so use it with caution. Be aware that Samba only honors inherited permissions when files are first created, so you will need to use the Replace permission entries on all child objects option if you reorganize your directory structure.