This seems to work. The Samba (3.0.37) server is running Solaris 10 8/07 with the share on zfs and joined to a windows 2003 active directory domain. Files created in Solaris can be edited from windows without the permission being changed. Files created from windows have the correct Solaris permissions, owner and group and can be edited without permissions being changed. We use the chmod command to set windows group permissions and Solaris permissions. The zfs aclmode and aclinherit are set to passthrough.
[SambaServer] path = /sambashare read only = no create mask = 0660 force create mode = 0660 directory mask = 0770 force directory mode = 0770 inherit permissions= yes inherit acls = yes inherit owner = yes ea support = yes map archive = no map read only = permissions store dos attributes = yes vfs objects = zfsacl nfs4: acedup = merge nfs4: mode = special zfsacl: acesort = dontcare nt acl support = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba