diff -ur samba-3.5.3~dfsg-orig/source3/modules/vfs_posixacl.c samba-3.5.3~dfsg/source3/modules/vfs_posixacl.c
--- samba-3.5.3~dfsg-orig/source3/modules/vfs_posixacl.c	2010-05-17 13:51:23.000000000 +0200
+++ samba-3.5.3~dfsg/source3/modules/vfs_posixacl.c	2010-06-09 20:10:03.000000000 +0200
@@ -267,12 +267,35 @@
 	}
         return acl_set_permset(entry, permset);
 }
+static int smb_acl_add_mode(acl_entry_t entry, SMB_ACL_PERM_T perm)
+{
+        int ret;
+        acl_permset_t permset;
+
+	if ((ret = acl_get_permset(entry, &permset)) != 0) {
+		return ret;
+	}
+        if ((perm & SMB_ACL_READ) &&
+	    ((ret = acl_add_perm(permset, ACL_READ)) != 0)) {
+		return ret;
+	}
+        if ((perm & SMB_ACL_WRITE) &&
+	    ((ret = acl_add_perm(permset, ACL_WRITE)) != 0)) {
+		return ret;
+	}
+        if ((perm & SMB_ACL_EXECUTE) &&
+	    ((ret = acl_add_perm(permset, ACL_EXECUTE)) != 0)) {
+		return ret;
+	}
+        return acl_set_permset(entry, permset);
+}
 
 static acl_t smb_acl_to_posix(const struct smb_acl_t *acl)
 {
 	acl_t result;
 	int i;
-
+        acl_entry_t  *user_obj_entry=NULL;
+        	
 	result = acl_init(acl->count);
 	if (result == NULL) {
 		DEBUG(10, ("acl_init failed\n"));
@@ -283,13 +306,23 @@
 		const struct smb_acl_entry *entry = &acl->acl[i];
 		acl_entry_t e;
 		acl_tag_t tag;
+		
+		if (entry->a_type==SMB_ACL_USER_OBJ && user_obj_entry){
+                        DEBUG(1, ("duplicate ACL_USER_OBJ entry\n"));
+                        //e = user_obj_entry;                       
+		        if (smb_acl_add_mode(*user_obj_entry, entry->a_perm) != 0) {
+		                 goto fail;
+                        }
+                        continue;       
 
+                }
+                	
 		if (acl_create_entry(&result, &e) != 0) {
-			DEBUG(1, ("acl_create_entry failed: %s\n",
-				  strerror(errno)));
-			goto fail;
-		}
-
+		        DEBUG(1, ("acl_create_entry failed: %s\n",
+			          strerror(errno)));
+		        goto fail;
+                }
+		
 		switch (entry->a_type) {
 		case SMB_ACL_USER:
 			tag = ACL_USER;
@@ -338,18 +371,24 @@
 		default: 	/* Shut up, compiler! :-) */
 			break;
 		}
-
 		if (smb_acl_set_mode(e, entry->a_perm) != 0) {
-			goto fail;
-		}
+		        goto fail;
+                }
+                if (entry->a_type==SMB_ACL_USER_OBJ){
+		        user_obj_entry=&e;
+                }
+                
 	}
-
 	if (acl_valid(result) != 0) {
+		char * acltext;
 		DEBUG(0, ("smb_acl_to_posix: ACL is invalid for set (%s)\n",
 			  strerror(errno)));
+                acltext = acl_to_text(result,NULL);
+                DEBUG(2, ("smb_acl_to_posix: ACL=%s\n",
+                        acltext));
+                acl_free(acltext); 
 		goto fail;
 	}
-
 	return result;
 
  fail: