For the unix permissions create a group for each share. Then change the group ownership on the shared directory. Eg say we have a share called 'administration' then:
chown -R clerical:clerical /srv/clerical
chmod -R g+rwx /srv/clerical
chmod g+t /srv/clerical #sets group ID bit on clerical directory which has the effect of making all files created in that directory as having the same group permissions as the directory
Now in smb.conf have something like this:
valid users = @clerical
read only = no
path = "/srv/clerical"
You may need to setup the clerical group as a samba group too.