I am trying to setup samba 3 using LDAP with ACL's. I am able to setup and change ACL's on directories and files if I specifically enter the user as DOMAIN\userid. If I do the following: - On WIN XP Pro I right click on a directory. - Select the security tab - All users and groups are displayed that currently have ACL's for this dir/file. - Click on ADD and then ADVANCED and then FIND NOW All that shows up in name (RDN) column are groups. If I click cancel here and just enter DOMAIN\userid I am able to add this user and modify their ACL's. I have tried everything and verified that the SID's and RID's of users are right. Can someone give me another suggestion to try so I can just pick the user instead of having to type their userid everytime. Thanks in advance.