set directory acl's

todo: sequencing (need reboot, then re-run playbook)

roles/role-samba4-ad-member/tasks/main.yml

@@ -68,4 +68,24 @@
     group: "{{ samba_group_name }}"
     mode: 1770
   when: private_dir_exists.stat.exists == False
+- name: set acl's on public share
+  ansible.posix.acl:
+          path: "{{ public_share_path }}"
+          entry: "{{ item.entry }}"
+          state: present
+  with_items:
+          - { entry: "user::rwx" }
+          - { entry: "user:nobody:rwx" }
+          - { entry: "group::r-x" }
+          - { entry: "group:domain\ users:rwx" }
+          - { entry: "mask::rwx" }
+          - { entry: "other::r-x" }
+          - { entry: "default:user::rwx" }
+          - { entry: "default:user:administrator:rwx" }
+          - { entry: "default:group::r-x" }
+          - { entry: "default:group:domain\ users:rwx" }
+          - { entry: "default:group:nogroup:r-x" }
+          - { entry: "default:mask::rwx" }
+          - { entry: "default:other::r-x" }
+