[Samba] please help: problems using 'force group' option

[Jordi Castells]

hi all,
 
I have a linux box running redhat 8.0 with samba 2.2.7 into a ms network
 
I would like to control the access to the shared files, so only allowed groups of users can modify/create files 
 
I use 'force group' option to ensure that created files has the same owner group so all users of that group can modify these files (but not others users not belonging to that group)
 
my smb.conf look like:
 
[global]
   workgroup = mywrokgroup
   browse list = no
   security = server
   password server = ntserver
   allow trusted domains = yes
   encrypt passwords = yes
   obey pam restrictions = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   map to guest = never

[digital_lib]
   comment = library
   force group = +share
   path = /data/share
   public = no
   readonly = no
   writable = yes
   locking = yes
   force create mode = 0775
   force directory mode = 0775
   valid users = +share +users
 
When I use 'force group = +share' I spect that users accesing to this share have assigned as primary group 'share' only if that user belongs to that group, and the rest of users retain their primary group 'users', but what really happens is every user that access to this share gets as primary group 'share' allowing everyone to write, modify or delete files
 
I do not know where is the problem, I supose that I mixed options that can not be mixed (I do not know if the problem is becase I valitating users with a ntserver)
 
Could someone helps me?
 
thank a lot