Web lists-archives.com

[Samba] Problem with rights in samba 4.9.0

good afternoon everyone, 

I have a problem that I can not solve I have installed a samba 4.9.0 in centos 7.5 using XFS. 

In the DPTO share I have the departmental folders, which I gave the rights to the groups. 

The problem: 

when a user creates a file within some sub-folders the group's rights do not arrive in the file is read-only. 

When the user accesses a website and downloads the file directly to the share, nobody in the group can access that file and when I go through windows and right click and access the security tab it closes. 

I need some help to understand how to use acl and give rights correctly. 

follows smb.conf 

# Global parameters 
netbios name = SAMBA 
realm = NOIR.CORP 
server role = active directory domain controller 
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate 
workgroup = NOIR 
ldap server require strong auth = no 
idmap_ldb:use rfc2307 = yes 
vfs objects = recycle acl_xattr 
map acl inherit = Yes 
store dos attributes = Yes 
recycle:keeptree = yes 
recycle:versions = yes 
recycle:repository = /dados/trash/%U 
recycle:exclude = *.tmp, *.log, *.obj, ~*.*, *.bak, *.iso 
recycle:exclude_dir = tmp, cache 

path = /opt/samba/var/locks/sysvol/noir.corp/scripts 
read only = No 

path = /opt/samba/var/locks/sysvol 
read only = No 

path = /dados/dpto 
read only = No 
hide unreadable = yes 
hide unwriteable files = yes 
#Bloqueio de extensoes de midia no samba 
# veto files = /*.mp3/*.nws/*.{*}/*.avi/*.mpeg/*.mpg/*.wma/*.wmv/*.exe 
#nao tentar fazer um lock nesses arquivos 
veto oplock files = /*.doc/*.xls/*.mdb/*.docx/*.DOC/*.DOCX/*.XLSX/*.xlsx/*.rtf/*.RTF/ 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba