[Samba] windows acls

[Peter Carlson]

I am having troubles with windows ACLs.  I have been following the wiki 
(https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs) 
and must have messed something up.
I can't set the permissions on the root of the share.  error: 
https://pasteboard.co/yJadpk2bH0pJ.png

I set the SeDiskOperatorPrivilege, created the folder with permissions 
as stated in the wiki, and set smb.conf as described. What might I be 
missing?

root at filesvr:~# net rpc rights list privileges SeDiskOperatorPrivilege 
-U SDCP\\peter
Password for [SDCP\peter]:
SeDiskOperatorPrivilege:
   SDCP\Domain Admins
   BUILTIN\Administrators

root at filesvr:~# ls -l /data
drwxrwx---+  4 root SDCP\domain admins    4096 Oct  3 08:45 test


=================================== smb.conf 
=================================================
[global]
server string = %h server (Samba, Ubuntu)
log file = /var/log/samba/log.%m
max log size = 1000
logging = file
panic action = /usr/share/samba/panic-action %d

server role = member server
template homedir = /home/%U@%D
template shell = /bin/bash

usershare allow guests = yes
kerberos method = secrets and keytab

security = ads
idmap config SDCP : range = 2000000-2999999
idmap config SDCP : backend = rid
idmap config * : range = 10000-999999
idmap config * : backend = tdb
winbind refresh tickets = yes
winbind offline logon = yes
vfs objects = acl_xattr
map acl inherit = yes
realm = S*****NT.LOCAL
workgroup = SDCP
winbind use default domain = no
winbind enum groups = no
winbind enum users = no

#======================= Share Definitions =======================
[Test]
     path = /data/test
     comment = test
     read only = no
#acl_xattr:ignore system acls = yes

========================  On a different server showing my membership
SDCP\peter at xrdp:~$ groups
SDCP\domain admins BUILTIN\administrators BUILTIN\users SDCP\domain 
users SDCP\denied rodc password replication group SDCP\dbusers 
SDCP\peter SDCP\linux admins SDCP\remotedesktop SDCP\nextcloud users