[Solved] Error 0x51b - can't set ownership on some directories

[mwffs3]

I'm syncing files and directories to an SMB share on a FreeNAS server, with the "Copy DACL/SACL/owner/group" option enabled, and with full control privilege setting on the FreeNAS side. Both the source and destination (FreeNAS) are joined to the AD domain.

Most files and directories copy just fine, with the correct permissions and ownership settings.

But there are a couple directories that FFS won't copy - it gives this error:

Error code 0x51b: This security ID may not be assigned as the owner of this object. [SetFileSecurity]

But if I manually create or even drag and drop the very same directory to the same place on the FreeNAS side, it works fine - with the same ownership. Additionally, FreeNAS will then copy the files within that directory to the destination directory I manually created.

So, what is different in how FFS creates directories versus a manual or drag-and-drop directory creation in file explorer?

Any help to get this resolved greatly appreciated!

[mwffs3]

After a lot of digging, this is now solved - and it was a FreeNAS issue, not a FFS issue.

This happened because of a difference in the way BSD (FreeNAS) and Windows handle file user and group ownership.

The short answer: in the FreeNAS Samba service configuration options add this to Auxiliary Parameters:

force unknown acl user=yes

Posting here with the hope that it helps the next person to run into this.

[bgstack15]

Thank you for following up with the response! That is not an obvious answer, so its being here will help people in the future.

[autopatch]

Hey mwffs3,

I just registered here to say THANK YOU, I went kinda mad about this problem and have tried to solve it for a lot of hours till I found this.
Thanks again!

[mwffs3]

Thanks for posting - glad this helped!