editing files on Server 2008 messes up permissions

I have a very similar problem on 10.8.4 in a Windows 2008 R2 environment. Did you resolve this isse?

Thanks!

simple but ironic:

under 2008 security set the group permisions to "MODIFY" instead of "FULL CONTROL"

cheers

User has MODIFY permissions with no full control on the folder. I do still experience the same issue.

any other ideas?

In my situation, the deny added for S-1-5-88-3-448 is not being added while a MAC user is modifying/creating files using Finder. The deny is being added when using Rsync.

I am also having this issue. We have Macs on the latest OS joined to our Active Directory domain, and connecting to a Windows 2003 server share. When the Mac users are editing/copying files on the share or adding new files, an unknown permission S-1-5-88-3-448 gets added to the security or ACL of the shared folder. These files are for internal dev websites, and once the S-1-5-88-3-448 permission gets added you will get a log in prompt when trying to browse the page. Once you go to the server and remove the permission everything works normally again. We have been able to recreate one instance of this happening by downloading a picture from the internet and saving it directly to the file share. If we download the file locally to the mac first, and then copy it to the file share it does not seem to modify the permission list.

The Windows share has the following permissions.

Local admin group: Full Control

Domain group: Modify - The mac users are part of this group

System: Full Control

Any suggestions would be appreciated. This problem has been happening for months and is very frustrating.

Bumb

Anyone have any ideas here?

<bump>

This is happening for us as well - windows 2008r2 file server mac 10.11

editing the file on the mac seems to grab ownership for the AD user that the mac is logged in with and adds this S-1-5-88-3-448 user with deny permissions.

Did anyone resolve this? resetting NTFS permissions is getting dull!