Mojave share permissions

I've created some test folders on the server and when I go into Tinkertool it shows the ACL permission with inherited ticked. When a user creates a folder, Tinkertool doesn't show the ACL permission

Just noticed this command to enable ACL on SMB, maybe I have to run this command

"sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server AclsEnabled -bool YES"

I've created a group which all users are members of. If I use TinkerTool and add under ACL, it works and applies itself to subfolders. The problem is that if the users click info on a folder, they don't see the group, just themselves, staff and everyone.

Not a problem because I think it does work, it's just the info window lying.

ok update on this. Using tinkertool system, if I add a group to the ACL permissions and tell it to propagate with subfolders, it appears to work. However when a user creates a subfolder, it still shows the same with the user having read/write and everyone read, but other users do have access. So almost as though the client machine isn't showing the ACL permission, but it's lying.

If I modify the POSIX permission of Others to read/write, the permission for the user then shows everyone as read/write, but sub folders don't pick up the parent settings.

ok that makes sense. Sure they used to though before the upgrade.

We would be happy to use the POSIX permission for Everyone to be set to read/write but it's no good when it doesn't apply to new folders

Ok thanks. Just remembered that by entering them in the info tab, it didn't push them to new subfolders until I used tinkertool and used the extra options.

I'll rest on some more folders tomorrow if I get the chance.

ok so it looks like the issue is still there. Despite have ACL permissions for a group on the top level, any subfolders that a user creates, is then locked to them and nobody else can edit.

I tested this on Monday and it was ok, however today it seems to be back again with no changes being made

If a user creates a new folder inside top_share, it’s pulling in the ‘inherit’ attribute from the top level and everyone can edit.  If they create a folder further down, it’s not pulling in the ‘inherit’ attribute and nobody edit until we push the settings.

I have propagated settings from the top level with TinkerTool but is there something I'm missing?

ok thanks. So to confirm what I've done with the ACL permission is correct then and the info tab is never going to show it correctly?