The Get Info window has been broken for more years than I can count. Never rely on what it reports when inspecting data from a server and never use it to change permissions on server content. Always use Server.app or the Terminal (chmod).
1-5: You must disable Ignore ownership. If that is enabled on the volume, all permissions are ignored.
6: The default umask is 755 for folders and 644 for files. The group is commonly staff. You can use some Terminal mojo to reset your data using the find and chmod commands (sudo find /path/to/data -type d -exec chmod 755 {} \; sudo find /path/to/data -type f -exec chmod 644 {} \;). Of you can simply set the POSIX owner to read/write and the Group and Other to Read only. However, the exclusion of Everyone is a way to hide the shares when using AFP. This is effective if you have more than one share and you want to restrict visibility to those who should not have access.
7: Use the Terminal to confirm you are getting what you want. Say /Volumes/Files/Dropbox/Data is the share you want. Your group is Research. Run this command to view the permissions:
ls -le /Volumes/Files/Dropbox/Data
drwxr-xr-x@ 2 carbon research 68 Dec 14 17:13 Folder
0: user:_spotlight inherited allow list,search,file_inherit,directory_inherit
1: group:research inherited allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity,file_inherit,directory_inherit
-rw-r--r--@ 1 carbon research 205184 Dec 14 17:13 Test.png
0: user:_spotlight inherited allow read,execute
1: group:research inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecur ity
You should get something like above. Note the locations of research are both in the POSIX group and the #1 ACE.
8: You need to have all Inheritance boxes checked. This is what you are trying to accomplish.
Recommendation... Leave the existing share alone for a moment. Follow these steps:
1: Make sure Ignore ownership is off
2: Make a new folder
3: Share the folder
4: Edit the folder on the Sharing tab and add ONLY the User group. Set that group to Read/Write
5: Go to a workstation. Connect to the share and add some content.
6: Go to another workstation. Connect to the share as a different user and edit the first users content. Add some new stuff as well.
7: Go back to first workstation. Edit everything.
If you have this working, then replicate to the existing share. If you think you need to start from scratch, you can use the find/chmod command to reset POSIX and the chmod -N to strip the ACL table off all files/folders. Then go back to Server.all and start over.
Reid
Apple Consultants Network
"El Capitan Server – Foundation Services"
"El Capitan Server – Control & Collaboration"
"El Capitan Server – Advanced Services"
:: Exclusively available in Apple's iBooks Store