sort_acl(old->dacl);
/* Create new security descriptor and set it */
+#if 0
+ /* We used to just have "WRITE_DAC_ACCESS" without WRITE_OWNER.
+ But if we're sending an owner, even if it's the same as the one
+ that already exists then W2K3 insists we open with WRITE_OWNER access.
+ I need to check that setting a SD with no owner set works against WNT
+ and W2K. JRA.
+ */
+
sd = make_sec_desc(ctx,old->revision, old->type, old->owner_sid, old->grp_sid,
NULL, old->dacl, &sd_size);
- fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS);
+ fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS);
+#else
+ sd = make_sec_desc(ctx,old->revision, old->type, NULL, NULL,
+ NULL, old->dacl, &sd_size);
+ fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS);
+#endif
if (fnum == -1) {
printf("cacl_set failed to open %s: %s\n", filename, cli_errstr(cli));
return EXIT_FAILED;