[root@printmah samba]# ls -l
total 4
drwxrwxr-x+ 2 root linux 6 Feb 20 05:13 demo

change in smb.conf file change
restart samba,winbind

Post the output of
wbinfo -u and wbinfo -g
and what's in the log file

Just to try i created a folder test
and assigned permission as
And add to share in smb.conf file
Restarted samba and winbind and tried connecting
Prompted to enter password and i was able to connect to share

I did it and the command show me the all groups in AD, For example :

grpillustration_economy
grpillustration_economy_delete
grpillustration_diplomatic
grpillustration_diplomatic_delete
grpillustration_economy_read
grpillustration_diplomatic_read
grpillustration_diplomatic_write
grpillustration_economy_write
grplayout_economy
grppagination_economy_delete
grplayout_diplomatic
grppagination_diplomatic_delete
grppagination_economy_read
grppagination_diplomatic_read
grppagination_economy_write
grppagination_diplomatic_write
grpphoto_economy

I have a question:

Did you use "chgrp YOURDOMAIN\\domain_users PATCH/" or just use "chgrp domain_users PATCH/" ?
I guess "domain_users" is correct and not "domain users".

No just
user zafar is present on both linux and AD with different passwords

#chgrp "domain users" /test
#chmod 775 /test

Oh
The username must exist on two platforms? If I have 200 users in AD I must create all 200 users in Linux too!!!!!!!!!

No i dont mean that. I just told u how it was working with me.
For folder test i changed the group owner to
Then in smb.conf
restart smb
I INPUT DOMAIN PASSWORD WHEN PROMPTED

I did it but Got the same error :

[root@printmah samba]# ls -l
total 4
drwxrwxr-x+ 2 root domain_users 6 Feb 20 05:13 demo


[root@printmah samba]# smbclient //localhost/demo -U jason@JASONDOMAINI.JJ
Enter jason@JASONDOMAINI.JJ's password:
Domain=[JASONDOMAINI] OS=[Unix] Server=[Samba 4.1.1]
tree connect failed: NT_STATUS_ACCESS_DENIED

Firewall is inactive too :

[root@printmah samba]# service iptables status
Redirecting to /bin/systemctl status iptables.service
iptables.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)

[root@printmah samba]#


As I said, I want to read AD accounts and use them for apply permissions and all AD accounts not exist in my Linux.

try adding jason@JASONDOMAINI.JJ to valid users in smb.conf file.
Post output for
and

I added my account to "smb.conf" and run below commands :

[root@printmah ~]# wbinfo -u
eghbali
shoseini
rahmani
afrasiabi
shayan
bani
niakan
jason

it show me all AD users.


[root@printmah ~]# wbinfo -g
linux
grffani-read
grffani-write
grffani-delete
grffani-karkard-read
grffani-karkard-write

It show me all AD Groups.

[root@printmah ~]# getent passwd
jason:*:11303:10513:JASON JASON:/home/jason:/bin/sh

It show me all usernames and hash info.

Did u tried conjecting user jason? What happens?

The default AD group should be
"domain users" in double inverted commas not domain_users.
One thing i remember do u have clock syncing with server?

The default AD group should be "domain users", What does mean?

I added a new share like below :

[test]
path = /home/jason/m/
read only = no
browseable = yes

and I can open it.

[root@printmah jason]# ls -l
total 0
drwxr-xr-x. 2 jason domain_users 6 Feb 18 06:52 m

Ok tell me that the directory u r sharing does it resides on a volume which is acl enabled.
Show me output of
# getfacl /pathto/share

OK.

[root@printmah ~]# getfacl /srv/samba/demo
getfacl: Removing leading '/' from absolute path names
# file: srv/samba/demo
# owner: root
# group: domain_users
user::rwx
user:root:rwx
group::rwx
group:linux:rwx
mask::rwx
other::r-x
default:user::rwx
default:user:root:rwx
default:group::r-x
default:group:linux:r-x
default:mask::rwx
defaultther::r-x