I assume you know that you can also use cifs.extacl=2 to show and change Unix perms from a Windows client

if you turn it on then you will see additional additional "fake" ACL's for the Unix u-g-o perms in Windows Explorer properties

Rainer

Hi,

have you tried to set this param to 1 so that new files created through CIFS get the GID that you specified in your passwd file  ?

cifs acl.useUnixGid

0 or 1   Default: 0

Sets the group identifier (GID) mapping for file system objects
created on a Windows client.

0 = Assign the GID of the Windows primary domain group to
which the user belongs.

1 = Assign the Windows user’s GID (as found in the GID field of
the .etc/passwd file, NIS database entry, or Active Directory)

or this one (if the Unix user that your Windows account is mapped to is a member of a Unix group that allows access):

cifs acl.extendExtraGid 0 or 1
Default: 0

Controls whether CIFS user credentials and NFS NT credentials
include information about the UNIX groups to which the user
belongs. This applies in a multiprotocol environment only.

0 = Base the user credential only on the Windows Security IDs
(SIDs) for the user and the Windows groups to which the user
belongs.

1 = Include in the user credential the SIDs that correspond to the
UNIX groups to which the user belongs.

multi-protocol access can be a bit tricky - esp. the distinction between user mapping and access

IMHO the best way is to get familiar with the (awkward IMHO) server_cifssupport syntax - it can tell you exactly how a user and its groups gets mapped, what access it should have from which protocol on which file

Rainer

P.S.: I assume you are using security mode NT and not Unix or Share