There is some important functionality missing from users and groups.
- The ability to assign users to groups (or groups to users).
- Setting the SetGID/SetUID permission on directories (but not files) so that files end up with the correct owner/group.
- Recursively applying permissions, owner and group to all files/directories in a share. As above directories require different permissions to files. A scheduled task to do this periodically would also be good.
- Set permission masks and forced permissions in sharing services settings.
For SMB I am using
create mask = 0770
force create mode = 0660
directory mask = 2770
force directory mode = 2770
For AFP I am using
file perm = 0660
directory perm = 2770
chmod request = ignore
umask = 2770
I don’t know what settings are applicable to NFS or SFTP